This job is no longer available

The job listing you are looking has expired.
Please browse our latest remote jobs.

See open jobs โ†’
โ† Back to all jobs

Application Security Engineer - Bug bounty


11 days ago
Not Specified

Apply Now

Save job


  • Manage and oversee the company's bug bounty program on platforms like HackerOne, HackenProof, and Bugcrowd.
  • Triage and validate bug reports submitted by external researchers.
  • Prioritize and categorize bugs based on severity and potential impact.
  • Collaborate with the engineering and security teams to understand, track, and remediate vulnerabilities.
  • Facilitate communication between external researchers, security teams, and developers to ensure effective resolution of security issues.
  • Provide clear and constructive feedback to external researchers.
  • Maintain a strong relationship with the bug bounty community.
  • Keep up-to-date with the latest cybersecurity trends, vulnerabilities, and threats.
  • Prepare and present reports on bug bounty program performance.
  • Requirements

  • 2+ Years of hands-on experience in the Application Security field.
  • Experience in a similar role, managing bug bounty programs and handling vulnerability reports will be a definite advantage.
  • Strong understanding of web and mobile application security.
  • Deep understanding of application security frameworks such as OWASP Top 10 and possess a strong sense of security regarding business and financial logic flaws.
  • Proficiency in using bug bounty platforms like HackerOne, HackenProof, Bugcrowd, etc.
  • Excellent problem-solving skills and attention to detail.
  • Strong communication skills, with the ability to explain complex security issues to non-technical stakeholders.
  • Experience in coordinating and collaborating with diverse teams.
  • The ability to read code and understand how the back-end responds to API requests in programming languages such as Java, Ruby, Elixir, and JavaScript is crucial.
  • Relevant certifications such as Offensive Security Certified Professional (OSCP), or Certified Information Systems Security Professional (CISSP) are a plus.
  • Share job

    Help us maintain the quality of jobs posted on Empllo!

    Is this position not a remote job?

    Let us know!
    Similar Engineering Jobs
    See more Engineering jobs โ†’
    Sophos logo
    Restricted Remote
    ๐ŸŒ Asia
    ๐Ÿ’ฐ Salary not provided
    Crypto logo
    Pagerduty logo
    YC Company
    ๐Ÿ’ฐ Salary not provided
    Docebo logo
    ๐Ÿ’ฐ Salary not provided