Product Security Analyst
22 hours ago
🏡 Remote – New York
Description
• Evaluate assigned vulnerability reports submitted by hackers to determine the validity, risk and severity to HackerOne customers • Collaborate with hackers to address missing information from reports as well as educate the HackerOne community members when reports are invalid • Compose a technical summary for each valid report that includes clear and concise details regarding the impact, steps to reproduce and remediation advice • Ensure clear and efficient communication between hackers and customers • Proactively identify and solve issues, as well as accept and quickly respond to delegated work; as we are distributed, being able to win as a team to solve problems is critical to our success • Assess vulnerability findings and determine whether the submission is valid based on program policies, scope and impact. • Independently reproduce reported vulnerabilities in a test environment and compose a technical summary for valid findings.
Requirements
• Proven experience with vulnerability disclosure and bug bounty (experience managing a bug bounty program is a plus but not required) • Hands-on experience doing security testing or ethical hacking on web and mobile applications • Strong technical knowledge of OWASP top 10 • Comfortable using security testing tools including Burpsuite • Excellent written and verbal communication skills • Experience using frameworks such as CVSS • Self-motivated and able to manage your time and energy output while maintaining a consistent and sustainable operational rhythm • English fluency • This role includes weekend work, with the schedule of working Friday-Tuesday during business day time hours. You will have Wednesdays/Thursdays off. Must be ok with working the weekend. • Must be based remotely in US or Canada. HackerOne is a digital-first company. This model offers our employees flexibility in time and location. All employees must be able to work and excel in a remote environment.
Benefits
• Offers Equity
Apply Now
