Product Security Analyst

🔥 0 minutes ago

🏄 California, District of Columbia, +3 more states – Remote

🏄 California – Remote 🏛️ District of Columbia – Remote 🍂 Massachusetts – Remote 🤠 Texas – Remote ☕ Washington – Remote

💵 $120k - $155k / year

⏰ Full Time

🟡 Mid-level

🟠 Senior

🔐 Security Analyst

🦅 H1B Visa Sponsor

This company has sponsored H1B visas in the past.

Apply Now

Find Similar Remote Jobs

Receive Emails For Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Upload Resume

HackerOne

WebsiteLinkedInAll Job Openings

201 - 500 employees

Founded 2012

🔐 Security

🔒 Cybersecurity

💰 $49M Series E on 2022-01

Security • Cybersecurity

HackerOne is a platform that connects businesses with ethical hackers to identify and fix security vulnerabilities. It offers services like bug bounty programs, pentest as a service, continuous security testing, vulnerability disclosure programs, AI safety and security testing, and application and cloud security. HackerOne engages a global community of ethical hackers who help businesses secure their digital assets by finding and addressing vulnerabilities. By leveraging both human and AI resources, HackerOne aims to outmatch cybercriminals and enhance security for various sectors, including automotive, financial services, government, healthcare, and retail. The company also provides educational resources, such as Hacker101, to train and develop the skills of people interested in cybersecurity.

📋 Description

• Evaluate vulnerability reports submitted by security researchers to determine validity, severity, exploitability, and business impact for HackerOne customers using Data-Driven Decision Making and established security frameworks such as CVSS. • Independently reproduce reported vulnerabilities across web and mobile applications, applying First Principles Problem Solving to validate findings, identify root causes, and clearly communicate impact. • Collaborate directly with security researchers to gather missing information, clarify technical details, and improve report quality while maintaining clear and professional communication with customers. • Create concise, technically accurate summaries for validated findings, including reproduction steps, impact analysis, and remediation guidance. • Demonstrate Change Agility by adapting to evolving customer environments, changing program scopes, emerging attack techniques, and shifting operational priorities. • Contribute to an AI-First approach by leveraging automation and AI-enabled workflows to improve operational efficiency, report analysis, and vulnerability triage quality. • Partner cross-functionally with Technical Services teammates and customer-facing teams to ensure timely handling of vulnerabilities and a high-quality customer experience. • Proactively identify opportunities to improve internal processes, documentation, tooling, and triage workflows to enhance scalability and consistency across the Technical Services organization.

🎯 Requirements

• 3+ years of hands-on experience performing security testing, vulnerability research, or ethical hacking on web and mobile applications. • Strong technical understanding of common application security vulnerabilities, including the OWASP Top 10. • Experience using security testing tools such as Burp Suite and familiarity with vulnerability scoring frameworks including CVSS. • Excellent written and verbal communication skills in English, including the ability to communicate technical concepts clearly to both technical and non-technical audiences.

🏖️ Benefits

• Health (medical, vision, dental), life, and disability insurance* • Equity stock options • Retirement plans • Paid public holidays and unlimited PTO • Paid maternity and parental leave • Leaves of absence (including caregiver leave and leave under CO's Healthy Families and Workplaces Act) • Employee Assistance Program