ZipRecruiter

Log In

1

Bug Bounty Program Jobs in Florida (NOW HIRING)

Opendoor

Application Security Engineer

Miami, FL · On-site

$56 - $75/hr

Preferred : • Offensive security experience -- pentesting web apps, APIs, or mobile, and/or red team operations. • Experience running a bug bounty or coordinated disclosure program at scale. • ...

All JobsBug Bounty Program JobsBug Bounty Program Jobs in Florida

Bug Bounty Program information

How do I join a bug bounty program?

To join a bug bounty program, you typically need to register on the platform hosting the program, such as HackerOne or Bugcrowd, and agree to their rules and scope. Developing skills in web security, using tools like Burp Suite or OWASP ZAP, and understanding responsible disclosure are essential. Some programs may require prior experience or certifications like OSCP or CEH.

What are some common challenges faced by professionals managing a Bug Bounty Program?

Professionals overseeing a Bug Bounty Program often encounter challenges such as efficiently triaging a high volume of vulnerability reports, ensuring clear communication with security researchers, and balancing quick response times with thorough investigation. Additionally, maintaining strong relationships with both internal development teams and external participants is crucial for program success. Staying updated on evolving security threats and continually refining program policies are ongoing responsibilities that require adaptability and collaboration.

How much do bug bounties get paid?

Bug bounty programs pay security researchers based on the severity and impact of the vulnerabilities they discover, with rewards ranging from $100 to over $100,000 for critical issues. Payments vary depending on the program, the organization, and the complexity of the bug, and researchers often use platforms like HackerOne or Bugcrowd to participate.

Which bug bounty pays the most?

Bug bounty programs from large technology companies like Apple, Google, and Microsoft tend to offer the highest payouts, often reaching hundreds of thousands of dollars for critical vulnerabilities. Successful bug bounty hunters typically have strong technical skills, knowledge of security testing tools, and experience in identifying high-impact security flaws.

What are the key skills and qualifications needed to thrive as a Bug Bounty Program participant, and why are they important?

To excel in a Bug Bounty Program, you need strong knowledge of cybersecurity fundamentals, vulnerability assessment, and web or software exploitation techniques, often backed by practical experience or certifications like OSCP or CEH. Familiarity with tools such as Burp Suite, Nmap, and Metasploit, as well as bug bounty platforms like HackerOne or Bugcrowd, is typically required. Critical thinking, persistence, and clear written communication are crucial soft skills for effectively identifying vulnerabilities and reporting them to organizations. These skills ensure you can discover security flaws efficiently, responsibly disclose them, and build a positive reputation in the cybersecurity community.

What is a Bug Bounty Program?

A Bug Bounty Program is an initiative offered by organizations that invites ethical hackers and security researchers to identify and report vulnerabilities in the company’s software, websites, or systems. Participants are typically rewarded with monetary compensation, recognition, or other incentives based on the severity of the bugs they find. These programs help organizations strengthen their security by leveraging the broader cybersecurity community, thus identifying issues before malicious hackers can exploit them. Bug bounty programs are widely used by tech companies to enhance security and build trust with users.

Will Facebook pay $500 if you find a bug in their code?

As a bug bounty program participant, Facebook's bug bounty rewards vary depending on the severity and impact of the vulnerability found. While some reports have received payments of $500 or more, the amount is not guaranteed and depends on the quality and significance of the bug. Participants should review Facebook's bug bounty guidelines for specific payout details and submission criteria.

What is the difference between Bug Bounty Program vs Penetration Tester?

AspectBug Bounty ProgramPenetration Tester
CredentialsKnowledge of security vulnerabilities, bug reporting skillsCertifications like OSCP, CEH, CISSP often preferred
Work EnvironmentRemote, project-based, crowdsourcedConsulting firms, in-house teams, on-site or remote
Industry UsageTech companies, startups, open security initiativesSecurity firms, corporate security teams, government agencies
Search/Comparison IntentUnderstanding crowdsourced bug finding vs professional testingComparing freelance or company-based security assessments

The main difference is that Bug Bounty Programs are crowdsourced initiatives where individuals report vulnerabilities remotely, often without formal certifications. Penetration Testers are professionals with certifications who perform targeted security assessments, usually in a consulting or in-house setting. Both roles focus on identifying security flaws but differ in structure, credentials, and work environment.

What are the most commonly searched types of Bug Bounty Program jobs in Florida? The most popular types of Bug Bounty Program jobs in Florida are:
What are popular job titles related to Bug Bounty Program jobs in Florida? For Bug Bounty Program jobs in Florida, the most frequently searched job titles are:
What job categories do people searching Bug Bounty Program jobs in Florida look for? The top searched job categories for Bug Bounty Program jobs in Florida are:
What cities in Florida are hiring for Bug Bounty Program jobs? Cities in Florida with the most Bug Bounty Program job openings:
Bug Bounty Program jobs near you
Infographic showing various Bug Bounty Program job openings in Florida as of June 2026, with employment types broken down into 70% Full Time, and 30% Contract. Highlights an 74% In-person, and 26% Remote job distribution.
Senior Engineer, Application Security

Senior Engineer, Application Security

Intercontinental Exchange Holdings, Inc.

Jacksonville, FL • On-site

$54.25 - $72.50/hr

Full-time

Posted 18 days ago

Job description

Overview
Job Purpose
An Intercontinental Exchange (ICE) IS AppSec Engineer is part of a team responsible for ensuring that ICE produces and maintains secure applications. The team member influences secure design, performs code analysis, identifies vulnerabilities through hands-on penetration testing, assists developers in remediation efforts, and communicates findings to developers, QA teams and management.
Responsibilities
  • Application Identification and Review - Operates the Application Development Security Lifecycle from design review through automated and hands-on testing.
  • Standards and Policies - Maintains and contributes to Application Development Security Policies and standards by keeping up with industry trends and publications from organizations such as NIST, OWASP, and SANS.
  • Secure Design - Works with development teams to establish security requirements early in the SDLC and contributes security subject matter expertise during the development of new projects and releases.
  • Tool Management - Focuses on automation while implementing, maintaining and integrating cutting-edge technologies to assess an application's security with static code analyzers (SAST), dynamic testing (DAST) tools, software composition scanners, Web Application Firewall (WAF) and bug bounty programs.
  • Developer Education - Keeps software engineers apprised of secure coding practices and builds strong rapport and respect with the ICE application development community via training sessions, one-on-one education, Intranet blogs and other opportunities.

Knowledge and Experience
  • University degree in Computer Science, Engineering, MIS, CIS, or related discipline
  • Software engineering experience in Java, C++, .NET and/or related languages
  • Expert at deploying, configuring, and using SAST, DAST, and Software Composition in large environments
  • Experience designing solutions to integrate transparently with the CI/CD pipeline
  • Familiar with application development in large cloud environments

Analyst, Engineer and Senior Engineer DistinctionSeniority is determined by experience and demonstration of exceptional competencies including:
  • Documenting and effectively publishing technology guidance and repeatable processes
  • Mentoring peers in groups and individually
  • Improving processes and introducing superior technology
  • Taking initiative to learn business goals, liaise with other departments, and identify ways to increase productivity in other ICE groups and offices

-
Intercontinental Exchange, Inc. is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to legally protected characteristics.

Apply