AVP, Penetration Tester
Austin, TX · On-site
... issues * Assist with validation and triage of submissions from the company's Vulnerability Disclosure Program and Bug Bounty programs What are we looking for? We are seeking collaborative ...
Austin, TX · On-site
... issues * Assist with validation and triage of submissions from the company's Vulnerability Disclosure Program and Bug Bounty programs What are we looking for? We are seeking collaborative ...
Austin, TX · On-site
... issues * Assist with validation and triage of submissions from the company's Vulnerability Disclosure Program and Bug Bounty programs What are we looking for? We are seeking collaborative ...
East Montpelier, VT · On-site
$80 - $90/hr
... Bug Bounty Programs and evaluating false positive review requests. The engineer will assess ... These tools assist our hiring teams in different ways, including but not limited to, assistance in ...
East Montpelier, VT · On-site
$80 - $90/hr
... Bug Bounty Programs and evaluating false positive review requests. The engineer will assess ... These tools assist our hiring teams in different ways, including but not limited to, assistance in ...
Little Rock, AR · On-site
$80 - $90/hr
... Bug Bounty Programs and evaluating false positive review requests. The engineer will assess ... These tools assist our hiring teams in different ways, including but not limited to, assistance in ...
Little Rock, AR · On-site
$80 - $90/hr
... Bug Bounty Programs and evaluating false positive review requests. The engineer will assess ... These tools assist our hiring teams in different ways, including but not limited to, assistance in ...
Lincoln, NE · On-site
$80 - $90/hr
... Bug Bounty Programs and evaluating false positive review requests. The engineer will assess ... These tools assist our hiring teams in different ways, including but not limited to, assistance in ...
Lincoln, NE · On-site
$80 - $90/hr
... Bug Bounty Programs and evaluating false positive review requests. The engineer will assess ... These tools assist our hiring teams in different ways, including but not limited to, assistance in ...
Nashville, TN · On-site
$80 - $90/hr
... Bug Bounty Programs and evaluating false positive review requests. The engineer will assess ... These tools assist our hiring teams in different ways, including but not limited to, assistance in ...
Nashville, TN · On-site
$80 - $90/hr
... Bug Bounty Programs and evaluating false positive review requests. The engineer will assess ... These tools assist our hiring teams in different ways, including but not limited to, assistance in ...
$60.25 - $80.25/hr
Triage security findings received through a public bug bounty program, communicating with both the developers and independent security researchers * Perform Security Assessments & Assist in ...
$60.25 - $80.25/hr
Triage security findings received through a public bug bounty program, communicating with both the developers and independent security researchers * Perform Security Assessments & Assist in ...
Spring, TX · On-site
$147K - $230K/yr
Develop and support tools and processes to assist with collection and analysis of security ... Leadership and management of bug bounty program * Pan-HP contribution to security response ...
Spring, TX · On-site
$147K - $230K/yr
Develop and support tools and processes to assist with collection and analysis of security ... Leadership and management of bug bounty program * Pan-HP contribution to security response ...
Annapolis, MD · On-site
$80 - $90/hr
... Bug Bounty Programs and evaluating false positive review requests. The engineer will assess ... These tools assist our hiring teams in different ways, including but not limited to, assistance in ...
Annapolis, MD · On-site
$80 - $90/hr
... Bug Bounty Programs and evaluating false positive review requests. The engineer will assess ... These tools assist our hiring teams in different ways, including but not limited to, assistance in ...
Atlanta, GA · On-site
$88K - $110K/yr
Coordinate the ingestion and prioritization of vulnerabilities reported through Bug Bounty ... accommodations to assist you in the search and application process, please email us at ...
Atlanta, GA · On-site
$88K - $110K/yr
Coordinate the ingestion and prioritization of vulnerabilities reported through Bug Bounty ... accommodations to assist you in the search and application process, please email us at ...
Annapolis, MD · On-site
$69K - $158K/yr
... commercial bug bounty programs * Experience with databases, backend systems, and supporting ... As part of this commitment, the use of artificial intelligence (AI) or other tools to assist with ...
Annapolis, MD · On-site
$69K - $158K/yr
... commercial bug bounty programs * Experience with databases, backend systems, and supporting ... As part of this commitment, the use of artificial intelligence (AI) or other tools to assist with ...
Austin, TX · On-site
... issues * Assist with validation and triage of submissions from the company's Vulnerability Disclosure Program and Bug Bounty programs What are we looking for? We are seeking collaborative ...
Austin, TX · On-site
... issues * Assist with validation and triage of submissions from the company's Vulnerability Disclosure Program and Bug Bounty programs What are we looking for? We are seeking collaborative ...
Annapolis Junction, MD · On-site
$69K - $158K/yr
... cia l bug bounty programs * Experience with databases, backend systems, and supporting ... As part of this commitment, the use of artificial intelligence (AI) or other tools to assist with ...
Annapolis Junction, MD · On-site
$69K - $158K/yr
... cia l bug bounty programs * Experience with databases, backend systems, and supporting ... As part of this commitment, the use of artificial intelligence (AI) or other tools to assist with ...
$152K - $269K/yr
Leverage AI models and tools (e.g., LLMs, code generation, fuzzing assistants) to accelerate ... Contributions to open-source security tooling or published CVEs / bug bounty hall-of-fame credits
$152K - $269K/yr
Leverage AI models and tools (e.g., LLMs, code generation, fuzzing assistants) to accelerate ... Contributions to open-source security tooling or published CVEs / bug bounty hall-of-fame credits
Helena, MT · On-site
$80 - $90/hr
... Bug Bounty Programs and evaluating false positive review requests. The engineer will assess ... These tools assist our hiring teams in different ways, including but not limited to, assistance in ...
Helena, MT · On-site
$80 - $90/hr
... Bug Bounty Programs and evaluating false positive review requests. The engineer will assess ... These tools assist our hiring teams in different ways, including but not limited to, assistance in ...
Fort Mill, SC · On-site
... issues * Assist with validation and triage of submissions from the company's Vulnerability Disclosure Program and Bug Bounty programs What are we looking for? We are seeking collaborative ...
Fort Mill, SC · On-site
... issues * Assist with validation and triage of submissions from the company's Vulnerability Disclosure Program and Bug Bounty programs What are we looking for? We are seeking collaborative ...
Austin, TX · On-site
$80 - $90/hr
... Bug Bounty Programs and evaluating false positive review requests. The engineer will assess ... These tools assist our hiring teams in different ways, including but not limited to, assistance in ...
Austin, TX · On-site
$80 - $90/hr
... Bug Bounty Programs and evaluating false positive review requests. The engineer will assess ... These tools assist our hiring teams in different ways, including but not limited to, assistance in ...
Annapolis Junction, MD · On-site
$112K - $257K/yr
... commercial bug bounty programs * Experience with databases, backend systems, and supporting ... As part of this commitment, the use of artificial intelligence (AI) or other tools to assist with ...
Annapolis Junction, MD · On-site
$112K - $257K/yr
... commercial bug bounty programs * Experience with databases, backend systems, and supporting ... As part of this commitment, the use of artificial intelligence (AI) or other tools to assist with ...
San Diego, CA · On-site
... issues * Assist with validation and triage of submissions from the company's Vulnerability Disclosure Program and Bug Bounty programs What are we looking for? We are seeking collaborative ...
San Diego, CA · On-site
... issues * Assist with validation and triage of submissions from the company's Vulnerability Disclosure Program and Bug Bounty programs What are we looking for? We are seeking collaborative ...
Jefferson City, MO · On-site
$80 - $90/hr
... Bug Bounty Programs and evaluating false positive review requests. The engineer will assess ... These tools assist our hiring teams in different ways, including but not limited to, assistance in ...
Jefferson City, MO · On-site
$80 - $90/hr
... Bug Bounty Programs and evaluating false positive review requests. The engineer will assess ... These tools assist our hiring teams in different ways, including but not limited to, assistance in ...
Fort Mill, SC · On-site
... issues * Assist with validation and triage of submissions from the company's Vulnerability Disclosure Program and Bug Bounty programs What are we looking for? We are seeking collaborative ...
Fort Mill, SC · On-site
... issues * Assist with validation and triage of submissions from the company's Vulnerability Disclosure Program and Bug Bounty programs What are we looking for? We are seeking collaborative ...
| Aspect | Assistant Bug Bounty | Security Analyst |
|---|---|---|
| Required Credentials | Basic cybersecurity knowledge, certifications like CompTIA Security+ or CEH | Advanced certifications like CISSP, CISA, or GIAC |
| Work Environment | Typically part-time or freelance, focused on bug hunting and vulnerability testing | Full-time, involved in broader security monitoring, incident response, and policy development |
| Employer & Industry Usage | Tech companies, cybersecurity firms, freelance platforms | Corporations, government agencies, large enterprises |
| Search & Comparison Intent | Understanding entry-level bug bounty roles vs security analysis |
While both roles involve cybersecurity, an Assistant Bug Bounty focuses on identifying vulnerabilities through bug hunting, often in a freelance or part-time capacity. A Security Analyst has a broader scope, including monitoring security systems, analyzing threats, and implementing security measures within organizations. The roles differ mainly in scope, responsibilities, and required experience, but both contribute to organizational cybersecurity efforts.

Full-time
Medical, Retirement, PTO
Posted 26 days ago
7.5
Based on 67 frontline employees who took The Breakroom Quiz
114th of 146 rated financial services
Where Ambition Meets Innovation
Build a career that matches all your initiative with an impressive dose of innovation. From cutting-edge resources and a collaborative environment to the freedom to make an impact and more, you'll find the ingredients you need at LPL Financial to shape your success while helping clients pursue their financial goals.
At LPL Financial, protecting our clients, advisors, and employees is foundational to everything we do. Offensive Security is a top area of investment within Information Security, and this role offers the opportunity to directly influence the security posture of a large, complex enterprise. If you enjoy handson technical work, collaborating across teams, and creatively testing the limits of modern systems, this is an exciting opportunity to help evolve LPL's offensive security capabilities.
Job Overview
As a member of the Cyber Security team, the Senior Penetration Tester, Offensive Security, is responsible for the scheduling, scoping, and execution of internal penetration testing, with a primary focus on web, mobile, cloud, API, and AIenabled applications.
This individual contributor role performs advanced manual penetration testing to validate the security of company resources. The position serves as the primary point of contact for assigned testing initiatives and partners closely with stakeholders across the organization to identify security weaknesses, recommend mitigation strategies, and validate remediation efforts across LPL applications and platforms.
Responsibilities
Partner with product and technology stakeholders to drive endtoend penetration testing activities, including collaboration with Security Architects throughout the SDLC to identify and address security issues prior to production deployment
Conduct tactical penetration testing assessments of web, mobile, and API applications against OWASP Top 10 threats and emerging risks, and collaborate with Application Security teams to provide actionable feedback and recommendations, including opportunities to expand automated and AIassisted testing capabilities
Perform security assessments of internal and external networks, infrastructure, cloud environments, and a wide range of internally developed and commercial products
Apply creative and analytical thinking to bypass security controls, identify vulnerabilities, and develop practical remediation guidance; stay informed on evolving tactics, techniques, and procedures (TTPs), zeroday vulnerabilities, and mitigation strategies
Develop or modify custom tools and scripts to support new penetration testing needs, automation, and AIassisted testing approaches
Document and formally report testing scope, methodology, findings, risk ratings, remediation recommendations, and validation results in a clear and concise manner
Present testing results to technology and business partners, clearly communicating risk, impact, and remediation guidance in an accessible and collaborative way
Lead execution of assigned penetration testing initiatives, including status communication to leadership and coordination with stakeholders
Oversee communication, tracking, and retesting of findings to validate successful closure of previously identified issues
Assist with validation and triage of submissions from the company's Vulnerability Disclosure Program and Bug Bounty programs
What are we looking for?
We are seeking collaborative professionals who enjoy handson technical work and take pride in delivering a highquality internal client experience. This role is well suited for individuals who thrive in a fastpaced environment, enjoy solving complex security challenges, and continuously look for ways to improve processes, tooling, and outcomes.
Requirements
8+ years of experience conducting application, API, and networkbased penetration testing engagements
6+ years of experience troubleshooting tools, manually identifying vulnerabilities in code, and rewriting code to remediate security issues
3+ years of experience leading penetration testing engagements from scoping through reporting and remediation validation
1+ year of experience testing AI, LLM, or Generative AIenabled applications
1+ year of experience using AI models (such as Claude or similar) to accelerate tool development or testing workflows + Advanced knowledge of security assessment tools and frameworks, such as Burp Suite, Kali Linux, Nessus, Accunetix, Metasploit, AutoSploit, Cobalt Strike, MITRE ATT&CK, MITRE ATLAS, OWASP Top 10 (including OWASP Top 10 for LLMs)
Preferences
Bachelor's degree or equivalent experience in Information Security, Engineering, Computer Science, or a related field
Advanced understanding of OWASP frameworks, MITRE ATT&CK and ATLAS, and secure software development lifecycle (SDLC) practices
At least one industryrecognized certification, such as OSCP, OSCE, OSWE, GPEN, GCIH, GWAPT, or GXPN
Advanced proficiency in one or more programming or scripting languages, such as .NET, JavaScript, Python, Java, PowerShell, Perl, Ruby, Bash, or similar
Advanced knowledge of Linux, macOS, and Windows operating systems, as well as AWS and Azure cloud environments and cloudnative services (e.g., containers, Kubernetes, microservices, serverless functions)
Experience performing reverse engineering on mobile applications, including those with obfuscation or antiemulation protections
Broad knowledge of operating system security, networking and protocols, firewalls, databases, middleware, forensics, and secure coding practices
Effective written and verbal communication skills, with the ability to collaborate with technical and nontechnical stakeholders
Organized approach to managing multiple testing efforts and deliverables
A natural curiosity for exploring, testing, and understanding security controls and how they can be improved
Pay Range:
$122,570.00 - $204,249.00Company Overview:
LPL Financial Holdings Inc. (Nasdaq: LPLA) is among the fastest growing wealth management firms in the U.S. As a leader in the financial advisor-mediated marketplace(6) , LPL supports over 32,000 financial advisors and the wealth management practices of approximately 1,100 financial institutions, servicing and custodying approximately $2.3 trillion in brokerage and advisory assets on behalf of approximately 8 million Americans. The firm provides a wide range of advisor affiliation models, investment solutions, fintech tools and practice management services, ensuring that advisors and institutions have the flexibility to choose the business model, services, and technology resources they need to run thriving businesses. For further information about LPL, please visit www.lpl.com.
At LPL, independence means that advisors and institution leaders have the freedom they deserve to choose the business model, services, and technology resources that allow them to run a thriving business. They have the flexibility to do business their way. And they have the freedom to manage their client relationships, because they know their clients best. Simply put, we take care of our advisors and institutions, so they can take care of their clients.
For further information about LPL, please visit www.lpl.com.
Join the LPL team and help us make a difference by turning life's aspirations into financial realities. Please log in or create an account to apply to this position. Principals only. EOE.
Information on Interviews:
LPL will only communicate with a job applicant directly from an@lplfinancial.comemail address and will never conduct an interview online or in a chatroom forum. During an interview, LPL will not request any form of payment from the applicant, or information regarding an applicant's bank or credit card. Should you have any questions regarding the application process, please contact LPL's Human Resources Solutions Center at(855) 575-6947.
EAC 5.19.26
Get the full story on Breakroom
Sourced by ZipRecruiter
Finance and insurance
1,001 - 5,000 Employees
San Diego, CA, US
1989