SIGNUP

Job Opportunities

Find jobs near you, whether onsite, hybrid, or remote.
  • Similar Jobs to: Product Security Analyst
XX
Product Security AnalystHackerOneUnited States
Apply Now
XX

Product Security Analyst

HackerOne
  • US
    United States
  • US
    United States
Apply Now

About

Product Security Analyst
HackerOne is a global leader in offensive security solutions. Our HackerOne Platform combines AI with the ingenuity of the largest community of security researchers to find and fix security, privacy, and AI vulnerabilities across the software development lifecycle. As a Product Security Analyst, you will join HackerOne's Technical Services organization and work directly with some of the world's most skilled security researchers to help customers identify and remediate impactful vulnerabilities. You will play a critical role in validating, reproducing, and communicating security findings across bug bounty and vulnerability disclosure programs while helping maintain a high-quality experience for both customers and hackers. As we continue evolving our AI-powered offensive security platform, this role offers an opportunity to deepen technical expertise in web and mobile application security while collaborating with globally distributed teams and the broader hacker community. At HackerOne, we embrace a Flexible Work approach that gives us the freedom to do our best work while also fostering the connections and community that make us stronger. Reflecting this philosophy, this is a remote role targeted for candidates within ~50 miles of Boston MA, Austin TX, Washington DC, Seattle WA, or San Francisco Bay Area CA. We believe this balance of proximity and flexibility gives Hackeronies the chance to occasionally come together – fostering collaboration, connection, and in-person moments that enrich our culture – while still preserving the benefits of remote work. What You Will Do
Evaluate vulnerability reports submitted by security researchers to determine validity, severity, exploitability, and business impact for HackerOne customers using Data-Driven Decision Making and established security frameworks such as CVSS. Independently reproduce reported vulnerabilities across web and mobile applications, applying First Principles Problem Solving to validate findings, identify root causes, and clearly communicate impact. Collaborate directly with security researchers to gather missing information, clarify technical details, and improve report quality while maintaining clear and professional communication with customers. Create concise, technically accurate summaries for validated findings, including reproduction steps, impact analysis, and remediation guidance. Demonstrate Change Agility by adapting to evolving customer environments, changing program scopes, emerging attack techniques, and shifting operational priorities. Contribute to an AI-First approach by leveraging automation and AI-enabled workflows to improve operational efficiency, report analysis, and vulnerability triage quality. Partner cross-functionally with Technical Services teammates and customer-facing teams to ensure timely handling of vulnerabilities and a high-quality customer experience. Proactively identify opportunities to improve internal processes, documentation, tooling, and triage workflows to enhance scalability and consistency across the Technical Services organization. Minimum Qualifications
3+ years of hands-on experience performing security testing, vulnerability research, or ethical hacking on web and mobile applications. Strong technical understanding of common application security vulnerabilities, including the OWASP Top 10. Experience using security testing tools such as Burp Suite and familiarity with vulnerability scoring frameworks including CVSS. Excellent written and verbal communication skills in English, including the ability to communicate technical concepts clearly to both technical and non-technical audiences. Preferred Qualifications
Experience participating in bug bounty or vulnerability disclosure programs. Experience reproducing and validating vulnerabilities submitted by external researchers or customers. Familiarity with scripting or automation used in security testing or operational workflows. Demonstrated ability to manage competing priorities and maintain operational excellence in a fast-paced, globally distributed environment. Compensation Band
Tier A (SF Bay Area) - $135,000 to $155,000 Tier B (all other locations) - $120,000 to $140,000 (+ equity) #LI-MH1 Job Benefits:
Health (medical, vision, dental), life, and disability insurance* Equity stock options Retirement plans Paid public holidays and unlimited PTO Paid maternity and parental leave Leaves of absence (including caregiver leave and leave under CO's Healthy Families and Workplaces Act) Employee Assistance Program *Eligibility may differ by country We're committed to building a global team! For certain roles outside the United States, India, the U.K., and the Netherlands, we partner with Remote.com as our Employer of Record (EOR). Visa/work permit sponsorship is not available. Employment at HackerOne is contingent on a background check. HackerOne is an Equal Opportunity Employer in the terms and conditions of employment for all employees and job applicants without regard to race, color, religion, sex, sexual orientation, age, gender identity or gender expression, national origin, pregnancy, disability or veteran status, or any other protected characteristic as outlined by international, federal, state, or local laws. This policy applies to all HackerOne employment practices, including hiring, recruiting, promotion, termination, layoff, recall, leave of absence, compensation, benefits, training, and apprenticeship. HackerOne makes hiring decisions based solely on qualifications, merit, and business needs at the time. For US based roles only: Pursuant to the San Francisco Fair Chance Ordinance, all qualified applicants with arrest and conviction records will be considered for the position.
  • United States

Languages

  • English
Notice for Users

This job comes from a TieTalent partner platform. Click "Apply Now" to submit your application directly on their site.