Product Security Analyst
| Company | HackerOne |
|---|---|
| Location | Seattle, WA, USA, Washington, DC, USA, San Francisco, CA, USA, Austin, TX, USA |
| Salary | $115000 – $144000 |
| Type | Full-Time |
| Degrees | |
| Experience Level | Junior, Mid Level |
Requirements
- Proven experience with vulnerability disclosure and bug bounty (experience managing a bug bounty program is a plus but not required)
- Hands-on experience doing security testing or ethical hacking on web and mobile applications
- Strong technical knowledge of OWASP top 10
- Comfortable using security testing tools including Burpsuite
- Excellent written and verbal communication skills
- Experience using frameworks such as CVSS
- Self-motivated and able to manage your time and energy output while maintaining a consistent and sustainable operational rhythm
- English fluency
Responsibilities
- Evaluate assigned vulnerability reports submitted by hackers to determine the validity, risk and severity to HackerOne customers
- Collaborate with hackers to address missing information from reports as well as educate the HackerOne community members when reports are invalid
- Compose a technical summary for each valid report that includes clear and concise details regarding the impact, steps to reproduce and remediation advice
- Ensure clear and efficient communication between hackers and customers
- Proactively identify and solve issues, as well as accept and quickly respond to delegated work; as we are distributed, being able to win as a team to solve problems is critical to our success
- Assess vulnerability findings and determine whether the submission is valid based on program policies, scope and impact
- Independently reproduce reported vulnerabilities in a test environment and compose a technical summary for valid findings.
Preferred Qualifications
-
No preferred qualifications provided.