Product Security Analyst - Events Team

Product Security Analyst – Events Team

3+ years of experience doing security testing or ethical hacking on web and mobile applications
Proven experience with vulnerability disclosure and bug bounty (experience managing a bug bounty program is a plus but not required)
Strong technical knowledge of OWASP top 10
Comfortable using security testing tools including Burpsuite
Excellent written and verbal communication skills
Experience using frameworks such as CVSS
Ability and willingness to travel globally at least 3-5 times a year
Self-motivated and able to manage your time and energy output while maintaining a consistent and sustainable operational rhythm
English fluency

Evaluate vulnerability reports submitted by hackers to determine the validity, risk and severity to HackerOne customers
Collaborate with hackers to understand complex chained vulnerabilities that will grow your skills daily
Ensure clear and efficient communication between hackers, customers and other team mates
Proactively identify and solve issues, as well as accept and quickly respond to delegated work; as we are distributed, being able to win as a team to solve problems is critical to our success
Independently reproduce reported vulnerabilities in a test environment and compose a technical summary for valid reports that includes clear and concise details regarding the impact, steps to reproduce and remediation advice
Thrive in a collaborative collective environment where hackers, customers and security analysts have the best experience
Self-motivated interest in emerging technologies and their impact on securing the digital world