Security Analyst, Bug Bounty
Cyber Focus AI · United States · 3 days ago
RemoteRemoteAnalystFull-time
What To Expect (Job Responsibilities)
- Analyze, assess, reproduce, and triage incoming security vulnerability reports from the bug bounty program
- Communicate effectively with security researchers to clarify reports and enhance engagement
- Understand root causes of vulnerabilities to advise product and engineering teams on mitigation strategies
- Cook up the lifecycle of submissions through to resolution with internal stakeholders
- Conduct data analysis on bug reports to identify systemic risks and inform new security initiatives
What Is Required (Qualifications)
- Proven ability to follow bug reports and accurately triage security vulnerabilities
- Familiarity with web security issues and exploit methodologies (e.g., OWASP Top 10, CWEs)
- C competent in offensive security tools (e.g., Burp Suite, custom scripting)
- Ability to think like an attacker to understand the impact of vulnerabilities
- Proficient in clear communication, conveying technical concepts to various stakeholders
How To Stand Out (Preferred Qualifications)
- Experience in technical support, operations, or similar roles with technical systems exposure
- Prior participation in or experience with bug bounty programs
- Experience analyzing source code for security vulnerabilities
- Proficiency in scripting languages (e.g., Python, Ruby) for automation
- Familiarity with cloud-based services (e.g., AWS, GCP)