1

Bug Bounty Manager Jobs (NOW HIRING)

Bug Bounty Program Management: Own and expand Vercel's bug bounty program. You will triage and validate incoming vulnerability reports from the security researcher community, ensure critical issues ...

Senior Security Engineer

$117K - $160K/yr

... management program across our compute fleet (EC2, containers, and Kubernetes nodes) so ... from bug bounty, third-party pentests, and cloud security posture scans. • Mentor security ...

... Bug Bounty & Vulnerability Management Be the primary owner of our ImmuneFi program - triaging, reproducing, and responding to incoming submissions daily Prioritize and track vulnerabilities through ...

AppSec SME

$60.25 - $80.25/hr

AppSec SME Job Details: * "Create project plan along with communication and risk management plan * Monitor and track the Bug bounty vulnerabilities and remediation closure * Track the coverage of the ...

Bug bounty program operations - triaging HackerOne reports, validating findings, and driving fixes ... Experience managing a vulnerability pipeline - from discovery through prioritization to verified ...

Senior Product Security Engineer

$117K - $160K/yr

Vulnerability Management : Contribute to our vulnerability management program, including triaging bug bounty and vulnerability disclosure reports and driving remediation efforts. * Security ...

Red Team Engineer/ Offensive Security Lead

$104K - $138K/yr

Experience with infrastructure-as-code or configuration management security (Chef/InSpec a plus) * Bug bounty program operations experience (HackerOne, Bugcrowd, or similar platforms) Salary: $150 ...

New

CNO Developer

Chantilly, VA · On-site

$129K - $177K/yr

Building, configuring, managing virtualized systems * Comfortable and willing to operate/maintain ... Desire to contribute to CTF events, bug bounty programs, and speaking at the security conferences

... Manage our Bug Bounty Program • Implement security controls across Merge, from infrastructure to CI • Implement and run manual and automated security practices to mitigate vulnerabilities • ...

next page

Showing results 1-20

Bug Bounty Manager information

What does a typical week look like for a Bug Bounty Manager in terms of responsibilities and collaboration?

A Bug Bounty Manager typically spends the week overseeing vulnerability reports, coordinating with security researchers, and prioritizing remediation efforts with engineering teams. They review incoming submissions, validate findings, and communicate with both internal stakeholders and external participants to ensure clear understanding and timely resolution of issues. Collaboration is key in this role, as managers often work closely with developers, legal, and compliance teams to align on security priorities and program updates. Additionally, they may analyze program metrics and provide feedback to improve the bounty process.

What are the key skills and qualifications needed to thrive as a Bug Bounty Manager, and why are they important?

To thrive as a Bug Bounty Manager, you need expertise in cybersecurity, vulnerability management, and a solid understanding of software development, typically supported by a degree in computer science or related field. Familiarity with bug bounty platforms (such as HackerOne or Bugcrowd), vulnerability tracking tools, and relevant certifications like CISSP or CEH is important. Strong communication, analytical thinking, and stakeholder management skills help you coordinate between security researchers and internal teams. These skills ensure effective vulnerability reporting, timely remediation, and the overall security posture of the organization.

What are Bug Bounty Managers?

Bug Bounty Managers are professionals responsible for overseeing bug bounty programs, which incentivize security researchers to find and report vulnerabilities in a company's software or systems. They coordinate the design, implementation, and management of these programs, ensuring that reported issues are validated, prioritized, and addressed efficiently. Bug Bounty Managers also communicate with security researchers, internal security teams, and stakeholders to improve the organization's security posture. Their role is crucial in fostering a collaborative relationship between the organization and the security community.

What is the difference between Bug Bounty Manager vs Security Analyst?

AspectBug Bounty ManagerSecurity Analyst
Required CredentialsCertifications like OSCP, CEH, or CISSP; experience in bug bounty programsCertifications such as CISSP, GIAC, or CEH; strong knowledge of security protocols
Work EnvironmentFocus on managing bug bounty programs, coordinating with researchers, and analyzing reportsMonitoring security systems, conducting vulnerability assessments, and incident response
Employer & Industry UsageTech companies, cybersecurity firms, organizations running bug bounty programsCorporate security teams, government agencies, consulting firms

The Bug Bounty Manager primarily oversees bug bounty initiatives, managing researcher collaborations and triaging reports. In contrast, a Security Analyst focuses on analyzing security threats, conducting assessments, and maintaining overall security posture. Both roles require security certifications and a strong understanding of vulnerabilities, but their daily tasks and focus areas differ significantly.

More about Bug Bounty Manager jobs
What cities are hiring for Bug Bounty Manager jobs? Cities with the most Bug Bounty Manager job openings:
What are the most commonly searched types of Bug Bounty jobs? The most popular types of Bug Bounty jobs are:
What states have the most Bug Bounty Manager jobs? States with the most job openings for Bug Bounty Manager jobs include:
What job categories do people searching Bug Bounty Manager jobs look for? The top searched job categories for Bug Bounty Manager jobs are:
Infographic showing various Bug Bounty Manager job openings in the United States as of July 2026, with employment types broken down into 7% Locum Tenens, 1% Internship, 66% Full Time, 6% Part Time, 1% Nights, and 19% Summer. Highlights an 87% Physical, 1% Hybrid, and 12% Remote job distribution.
Engineering Manager, Proactive Security

Engineering Manager, Proactive Security

DoorDash

Los Angeles, CA • On-site

Full-time

Medical, Dental, Vision, Life, Retirement, PTO

Re-posted 5 days ago


DoorDash rating

6.4

Company rating: 6.4 out of 10

Based on 182 frontline employees who took The Breakroom Quiz

12th of 23 rated food delivery companies


Job description

About the Team
At DoorDash we're building the industry's most scalable and reliable delivery network to support our three-sided marketplace of consumers, merchants, and Dashers. Security is paramount to the success of our business, and DoorDash Security aspires to be the world's most admired security team. We are committed to building the world's most trusted on-demand, logistics engine for delivery! We're expanding our team of great minds to help us secure and maintain a 24x7, no downtime, global infrastructure system that powers DoorDash's multi-sided marketplace of consumers, merchants, and dashers.
About the Role
Our Security Engineering team is looking for an Engineering Manager, Proactive Security to set and lead the technical direction for Security Product Engineering at DoorDash globally.
You will be a part of our inclusive, collaborative global team responsible for building "paved road" Security Product controls directly into our Customer, Merchant and Dasher products to ensure a safe, secure and resilient delivery network. This is a US or Canada remote position reporting directly to the Director of our Security Engineering team.
You're excited about this opportunity because you will...
  • Set and execute the technical vision for Security Product Engineering Pods, Bug Bounty and Vuln Management teams, ensuring alignment with DoorDash business objectives.
  • Lead the overall Security Product Engineering, Bug Bounty and Mythos era Vulnerability Management direction and roadmap execution.
  • Coach and mentor highly skilled engineers as a "player-coach" leaning in to understand Customer, Merchant and Dasher security problems at the lowest level and lead the team to build the right proactive controls. Success is not measured in shipping code, it's measured in annihilating and improving classes of vulnerabilities.
  • Partner cross-functionally with Product Engineering, Legal, Security Engineering Platform, Data teams and XFN partners to build "paved road" proactive security controls that enable secure by design practices into DoorDash products. Examples of Security Products this team has built include PassKeys, Secured Agentic Security, AI Guardrails, Authentication for Merchants Tablets, Secure Remote Merchant Tablet Access and many upcoming initiatives.
  • Partner cross-functionally with Product Engineering, Legal, Security Engineering Platform, Data teams and XFN partners to execute rigorous, agent enabled cross-brand Bug Bounty Program, Penetration Testing Program and Vulnerability Management Program against Mythos era equipped adversaries.
  • Build and maintain high Operational Excellence (OE) security services (e.g. Vuln Management Data Lakes) to ensure we operate with excellence, rigor and durable standards to ensure minimal downtime.
  • Influence and enable the secure and responsible adoption of AI tools from a Proactive Security perspective.
We're excited about you because...
  • 12+ years of experience as a Security Product Engineer at an Internet scale organization with 3+ years of demonstrated technical leadership leading teams building outcomes at global scale.
  • Track record of shifting the industry in how Internet scale companies deliver security products across global economies.
  • Master's degree in Computer Science, Security Engineering, a related field or equivalent work experience.
  • Demonstrated technical leadership in Account Security, Product Security Engineering, AI Security across Business to Consumer, Business to Business, and Business to Vendor security controls.
  • Demonstrated technical leadership designing technical Security Engineering controls and processes to meet required regulatory requirements.
  • Demonstrated technical leadership in designing scalable, AI enabled and ergonomic Security Review processes.
  • Exceptional problem solving of complex, systemic issues that require audacious thinking, rigor and creativity.
  • Exceptional analytical and investigative abilities with hands-on experience leading root cause analysis for security incidents and driving long term roadmaps to remediate.
  • Exceptional verbal and written communication skills - you will confidently shape and lead the Security Product Engineering function globally and influence stakeholders across core engineering and product teams to security preserving control outcomes.

Compensation
The successful candidate's starting pay will fall within the pay range listed below and is determined based on job-related factors including, but not limited to, skills, experience, qualifications, work location, and market conditions. Base salary is localized according to an employee's work location. Ranges are market-dependent and may be modified in the future.
In addition to base salary, the compensation for this role includes opportunities for equity grants. Talk to your recruiter for more information.
DoorDash cares about you and your overall well-being. That's why we offer a comprehensive benefits package to all regular employees, which includes a 401(k) plan with employer matching, 16 weeks of paid parental leave, wellness benefits, commuter benefits match, paid time off and paid sick leave in compliance with applicable laws (e.g. Colorado Healthy Families and Workplaces Act). DoorDash also offers medical, dental, and vision benefits, 11 paid holidays, disability and basic life insurance, family-forming assistance, and a mental health program, among others.
To learn more about our benefits, visit our careers page here.
See below for paid time off details:
  • For salaried roles: flexible paid time off/vacation, plus 80 hours of paid sick time per year.
  • For hourly roles: vacation accrued at about 1 hour for every 25.97 hours worked (e.g. about 6.7 hours/month if working 40 hours/week; about 3.4 hours/month if working 20 hours/week), and paid sick time accrued at 1 hour for every 30 hours worked (e.g. about 5.8 hours/month if working 40 hours/week; about 2.9 hours/month if working 20 hours/week).

The national base pay range for this position within the United States, including Illinois and Colorado.
$193,800-$285,000 USD
About DoorDash
At DoorDash, our mission to empower local economies shapes how our team members move quickly, learn, and reiterate in order to make impactful decisions that display empathy for our range of users-from Dashers to merchant partners to consumers. We are a technology and logistics company that started by enabling door-to-door delivery, and we are looking for team members who can help us go from a company that is known as the place you order food to a company that people turn to for any and all goods.
DoorDash is growing rapidly and changing constantly, which gives our team members the opportunity to share their unique perspectives, solve new challenges, and own their careers. We're committed to supporting employees' happiness, healthiness, and overall well-being by providing comprehensive benefits and perks including premium healthcare, wellness expense reimbursement, paid parental leave and more.
Our Commitment to Diversity and Inclusion
We're committed to growing and empowering a more inclusive community within our company, industry, and cities. That's why we hire and cultivate diverse teams of people from all backgrounds, experiences, and perspectives. We believe that true innovation happens when everyone has room at the table and the tools, resources, and opportunity to excel.
Statement of Non-Discrimination: In keeping with our beliefs and goals, no employee or applicant will face discrimination or harassment based on: race, color, ancestry, national origin, religion, age, gender, marital/domestic partner status, sexual orientation, gender identity or expression, disability status, or veteran status. Above and beyond discrimination and harassment based on "protected categories," we also strive to prevent other subtler forms of inappropriate behavior (i.e., stereotyping) from ever gaining a foothold in our office. Whether blatant or hidden, barriers to success have no place at DoorDash. We value a diverse workforce - people who identify as women, non-binary or gender non-conforming, LGBTQIA+, American Indian or Native Alaskan, Black or African American, Hispanic or Latinx, Native Hawaiian or Other Pacific Islander, differently-abled, caretakers and parents, and veterans are strongly encouraged to apply. Thank you to the Level Playing Field Institute for this statement of non-discrimination.
Pursuant to the San Francisco Fair Chance Ordinance, Los Angeles Fair Chance Initiative for Hiring Ordinance, and any other state or local hiring regulations, we will consider for employment any qualified applicant, including those with arrest and conviction records, in a manner consistent with the applicable regulation.
If you need any accommodations, please inform your recruiting contact upon initial connection.
Notice to Applicants for Jobs Located in NYC or Remote Jobs Associated With Office in NYC Only
We used Covey as part of our hiring and/or promotional process for jobs in NYC and certain features may qualify it as an AEDT in NYC. As part of the hiring and/or promotion process, we provided Covey with job requirements and candidate submitted applications. We began using Covey Scout for Inbound from August 21, 2023, through December 21, 2023. We resumed using Covey Scout for Inbound again on June 29, 2024, and ceased using Covey Scout for Inbound on April 30, 2026.
The Covey tool has been reviewed by an independent auditor. Results of the audit may be viewed here: https://getcovey.com/nyc-local-law-144.

What DoorDash employees say

Pay

Benefits

Hours and flexibility

Workplace

Get the full story on Breakroom


DoorDash logo

About DoorDash

Sourced by ZipRecruiter

At DoorDash, our mission to empower local economies shapes how our team members move quickly, learn, and reiterate in order to make impactful decisions that display empathy for our range of users--from Dashers to merchant partners to consumers. We are a technology and logistics company that started with door-to-door delivery, and we are looking for team members who can help us go from a company that is known for delivering food to a company that people turn to for any and all goods. DoorDash is growing rapidly and changing constantly, which gives our team members the opportunity to share their unique perspectives, solve new challenges, and own their careers. We're committed to supporting employees' happiness, healthiness, and overall well-being by providing comprehensive benefits and perks including premium healthcare, wellness expense reimbursement, paid parental leave and more.

Industry

Transportation equipment manufacturing

Company size

10,000+ Employees

Headquarters location

San Francisco, CA, US

Year founded

2013