Product Security Analyst, APAC at HackerOne

Pune, Maharashtra, India

Apply Now

₹2,500,000 – ₹2,800,000Compensation

Mid-level (3 to 4 years)Experience Level

Full TimeJob Type

UnknownVisa

Cybersecurity, Software Security, BiotechnologyIndustries

Requirements

Candidates must have a minimum of 2 years of professional working experience and 3 years of hands-on security testing or ethical hacking experience on web and mobile applications. A strong technical understanding of OWASP Top 10, comfort using security testing tools like Burp Suite, and experience with frameworks such as CVSS are essential. Proven experience with vulnerability disclosure and bug bounty programs is required, with experience managing a bug bounty program being a plus. Excellent written and verbal communication skills, self-motivation, and the ability to manage time and energy output sustainably are also necessary.

Responsibilities

The Product Security Analyst will evaluate assigned vulnerability reports to determine their validity, risk, and severity for HackerOne customers. They will collaborate with hackers to obtain missing information and educate the community on invalid reports. Responsibilities include composing technical summaries for valid reports, detailing impact, reproduction steps, and remediation advice, and ensuring clear communication between hackers and customers. The analyst will also proactively identify and solve issues, respond to delegated work, and assess vulnerability findings against program policies, scope, and impact. Reproducing reported vulnerabilities in a test environment independently is also a key duty.

Skills

Vulnerability assessment

Penetration testing

Threat modeling

Bug bounty

Code security

Security research

AI vulnerabilities

Incident response

Security architecture

HackerOne

Platform connecting ethical hackers with brands

About HackerOne

HackerOne provides a platform that connects global brands with ethical hackers to improve their cybersecurity. The platform allows companies to identify and monitor risks in their digital assets by utilizing the skills of ethical hackers who conduct penetration tests to find vulnerabilities. Clients can import their asset data and use the platform to rank the risk of exploitable assets, ensuring a proactive approach to application security. Unlike many competitors, HackerOne offers 24/7 security coverage and the ability to scale services based on client needs. The goal of HackerOne is to promote a proactive security culture by encouraging companies to implement bug bounty programs as part of their cybersecurity strategy.

San Francisco, CaliforniaHeadquarters

2012Year Founded

$155.1MTotal Funding

SERIES_ECompany Stage

CybersecurityIndustries

5,001-10,000Employees

Benefits

Health Insurance

Dental Insurance

Vision Insurance

Life Insurance

Disability Insurance

Unlimited Paid Time Off

Paid Vacation

Paid Sick Leave

Paid Holidays

Parental Leave

Employee Assistance Program

Digital First Stipend

Equity Stock Options

Retirement Plans

Leaves of Absence

Risks

Increased competition from AI-focused bug bounty programs may divert ethical hackers.

The free tier could reduce revenue from smaller clients opting for complimentary services.

Geopolitical tensions may impact partnerships in regions like the Middle East.

Differentiation

HackerOne connects businesses with ethical hackers for proactive security measures.

The platform offers a unique bug bounty solution to reduce security incident risks.

HackerOne provides 24/7 security coverage and scalable, cost-effective solutions.

Upsides

Growing demand for bug bounty programs enhances HackerOne's market position.

Partnerships in the Middle East expand HackerOne's global reach and influence.

The free tier for vulnerability disclosure attracts startups and smaller businesses.

Land your dream remote job 3x faster with AI

Try Jobo Free