Lead Triage Security Analyst
Company | HackerOne |
---|---|
Location | Seattle, WA, USA; Washington, DC, USA; San Francisco, CA, USA; Austin, TX, USA |
Salary | $158,000 – $198,000 |
Type | Full-Time |
Degrees | |
Experience Level | Senior |
Requirements
- 5+ years of experience in application security testing
- 1+ Technical leadership experience in past roles
- 2+ years of experience program managing complex technical programs
- Proven experience with vulnerability disclosure and bug bounty (experience managing a bug bounty program is a plus but not required)
- Deep technical knowledge of application security vulnerabilities, risks and severity rating frameworks such as CVSS
- Excellent analytical and problem-solving skills
- Excellent communication skills, both written and verbal
- Ability to manage multiple priorities and stakeholders effectively
- Must be willing to travel 30% of the time both locally and internationally
Responsibilities
- Lead and manage the dedicated triage operations for one of HackerOne’s marquee customers, including onboarding and training new team members
- Act as a subject matter expert on Bug Bounty Triage with deep technical understanding of vulnerabilities and risks
- Act as the primary escalation point for triage situations
- Lead weekly/monthly/quarterly meetings to ensure efficient operations and continuous improvement
- Own and implement changes in the vulnerability triage process to improve efficiency and effectiveness
- Document, share, and maintain Standard Operating Procedures (SOPs) around bug bounty triage
- Collaborate with leadership and cross-functional teams on strategic roadmaps that align with broader business goals, including crawl, walk, and run components
- Perform quality assurance on work done by team members
- Identify and escalate risks in Triage performance to leadership and account teams
Preferred Qualifications
- Past/present security community involvement is a plus
- Strong knowledge of cloud security in AWS environments