Remote Product Security Analyst Job in United States HackerOne

Who you are

• Proven experience with vulnerability disclosure and bug bounty
• Hands-on experience doing security testing or ethical hacking on web and mobile applications
• Strong technical knowledge of OWASP top 10
• Comfortable using security testing tools including Burpsuite
• Excellent written and verbal communication skills
• Experience using frameworks such as CVSS
• Self-motivated and able to manage your time and energy output while maintaining a consistent and sustainable operational rhythm
• English fluency
• This role works on a weekday schedule from Monday-Friday
• Must be based remotely in US or Canada

Desirables

• Security experience
• Communication skills
• Technical aptitude
• Time management
• Remote work skills

What the job involves

• Evaluate assigned vulnerability reports submitted by hackers to determine the validity, risk and severity to HackerOne customers
• Collaborate with hackers to address missing information from reports as well as educate the HackerOne community members when reports are invalid
• Compose a technical summary for each valid report that includes clear and concise details regarding the impact, steps to reproduce and remediation advice
• Ensure clear and efficient communication between hackers and customers
• Proactively identify and solve issues, as well as accept and quickly respond to delegated work; as we are distributed, being able to win as a team to solve problems is critical to our success
• Assess vulnerability findings and determine whether the submission is valid based on program policies, scope and impact
• Independently reproduce reported vulnerabilities in a test environment and compose a technical summary for valid findings