17 days ago
Foster City, CA, USA
Mid Level / Senior
Base Salary
$180k - $325k/yr
Responsibilities
- Manage vulnerability intake from various sources including bug bounty platforms and customer reports.
- Independently validate, reproduce, and document security findings.
- Coordinate remediation efforts with Engineering, SecOps, and other teams.
- Track SLAs and remediation progress while supporting compliance needs.
- Design and evolve the bug bounty program, including scope and reward structures.
- Lead the coordinated vulnerability disclosure process and manage CVE assignments.
Requirements
- Experience running or triaging bug bounty programs, preferably on HackerOne.
- Strong ability to validate and reproduce vulnerabilities independently.
- Deep understanding of web/app/cloud vulnerability classes and OWASP Top 10.
- Familiarity with cloud platforms, ideally GCP, and SaaS architectures.
- Strong understanding of CI/CD workflows and software engineering fundamentals.
Benefits
- Competitive Salary & Equity.
- 401(k) Program with a 4% match.
- Health, Dental, Vision, and Life Insurance.
- Short Term and Long Term Disability.
- Paid Parental, Medical, and Caregiver Leave.
- Commuter Benefits.
- Monthly Wellness Stipend.
- Autonomous Work Environment.
- In Office Set-Up Reimbursement.
- Flexible Time Off (FTO) + Holidays.
- Quarterly Team Gatherings.
- In Office Amenities.
