Remotery

Product Security Analyst

Posted 3 hours ago

This is a fully remote position, open to applicants in California, +4 more states.

📋 Description

• Assess vulnerability reports submitted by security researchers to evaluate their validity, severity, exploitability, and business implications for HackerOne clients by utilizing Data-Driven Decision Making and established security frameworks like CVSS.

• Independently replicate reported vulnerabilities across web and mobile platforms, employing First Principles Problem Solving to verify findings, determine root causes, and effectively communicate the impact.

• Work collaboratively with security researchers to obtain missing information, clarify technical specifics, and enhance report quality while ensuring clear and professional communication with clients.

• Develop succinct, technically precise summaries for validated findings, which include reproduction steps, impact assessments, and remediation recommendations.

• Exhibit Change Agility by adjusting to shifting customer environments, evolving program scopes, new attack methodologies, and changing operational priorities.

• Contribute to an AI-First strategy by utilizing automation and AI-driven workflows to boost operational efficiency, report analysis, and the quality of vulnerability triage.

• Collaborate across functions with Technical Services colleagues and customer-facing teams to ensure prompt handling of vulnerabilities and deliver a superior customer experience.

• Actively seek opportunities to enhance internal processes, documentation, tools, and triage workflows to improve scalability and consistency within the Technical Services organization.


⛳️ Requirements

• Over 3 years of hands-on experience in security testing, vulnerability research, or ethical hacking for web and mobile applications.

• Strong technical knowledge of common application security vulnerabilities, including the OWASP Top 10.

• Proficient in using security testing tools such as Burp Suite and familiar with vulnerability scoring frameworks like CVSS.

• Exceptional written and verbal communication skills in English, including the capability to convey technical concepts clearly to both technical and non-technical audiences.


🏝️ Benefits

• Health (medical, vision, dental), life, and disability insurance*

• Equity stock options

• Retirement plans

• Paid public holidays and unlimited PTO

• Paid maternity and parental leave

• Leaves of absence (including caregiver leave and leave under CO's Healthy Families and Workplaces Act)

• Employee Assistance Program

People also viewed

Synmatch AI1 hour ago

Cyber Security Analyst

RO flagRomania OnlyFull-timeSecurity Analyst
ApplyView job
Rimini Street1 hour ago

Security Analyst, Oracle

MX flagMexico OnlyFull-timeSecurity Analyst
ApplyView job
MKS2 Technologies2 hours ago

ISSO Security Analyst

US flagUnited States OnlyFull-timeSecurity Analyst$85k – $90k/year
ApplyView job
AAA2 hours ago

Cyber Threat Intelligence Analyst

US flagAlabama, +20 more statesFull-timeSecurity Analyst$122.8k – $164k/year
ApplyView job
Bolster, Inc3 hours ago

Security Analyst I – Trust & Safety

IN flagIndia OnlyFull-timeSecurity Analyst
ApplyView job
OutSystems1 day ago

Senior Security Analyst

US flagUnited States OnlyFull-timeSecurity Analyst
ApplyView job

Never miss a great job!

Get handpicked remote jobs straight to your inbox weekly.

Trusted by 7,400+ designers