
Bug Bounty Program Jobs (NOW HIRING)

Senior AppSec Engineer

Atlanta, GA · Remote

$90K - $180K/yr

Bug Bounty & Research: Help manage our bug bounty program by triaging submissions, working with researchers, and validating fixes with our engineers. * Secure AI Integration: Serve as the security ...

Senior AppSec Engineer

Atlanta, GA · On-site +1

$90K - $180K/yr

Bug Bounty & Research: Help manage our bug bounty program by triaging submissions, working with researchers, and validating fixes with our engineers. * Secure AI Integration: Serve as the security ...

Senior AppSec Engineer

Atlanta, GA · On-site

$90K - $180K/yr

Bug Bounty & Research: Help manage our bug bounty program by triaging submissions, working with researchers, and validating fixes with our engineers. * Secure AI Integration: Serve as the security ...

Experience managing cross-functional, large-scale technical security programs, including the Security Vulnerability Program, Security Exceptions Program, and Bug Bounty Program * Familiar with ...

CNO Developer

Chantilly, VA · On-site

$130K - $178K/yr

... events, bug bounty programs, and speaking at the security conferences • Rapid Prototype Software Development Company : Accenture Federal Services is a leading US federal services company and ...

CNO Developer

Chantilly, VA · On-site

$129K - $177K/yr

Desire to contribute to CTF events, bug bounty programs, and speaking at the security conferences * Rapid Prototype Software Development Security Clearance: * Active TS/SCI level clearance. Must be ...

CNO Developer

Chantilly, VA · On-site

$130K - $178K/yr

... events, bug bounty programs, and speaking at the security conferences • Rapid Prototype Software Development Company : Accenture Federal Services is a leading US federal services company and ...

Experience managing cross-functional, large-scale technical security programs, including the Security Vulnerability Program, Security Exceptions Program, and Bug Bounty Program * Familiar with ...



Bug Bounty Program information


How much do bug bounty program jobs pay per hour?

As of Jun 5, 2026, the average hourly pay for bug bounty program jobs in the United States is $49.60, according to ZipRecruiter salary data. Most workers in this role earn between $31.73 and $66.83 per hour, depending on experience, location, and employer.

What are some common challenges faced by professionals managing a Bug Bounty Program?

Professionals overseeing a Bug Bounty Program often encounter challenges such as efficiently triaging a high volume of vulnerability reports, ensuring clear communication with security researchers, and balancing quick response times with thorough investigation. Additionally, maintaining strong relationships with both internal development teams and external participants is crucial for program success. Staying updated on evolving security threats and continually refining program policies are ongoing responsibilities that require adaptability and collaboration.

What are the key skills and qualifications needed to thrive as a Bug Bounty Program participant, and why are they important?

To excel in a Bug Bounty Program, you need strong knowledge of cybersecurity fundamentals, vulnerability assessment, and web or software exploitation techniques, often backed by practical experience or certifications like OSCP or CEH. Familiarity with tools such as Burp Suite, Nmap, and Metasploit, as well as bug bounty platforms like HackerOne or Bugcrowd, is typically required. Critical thinking, persistence, and clear written communication are crucial soft skills for effectively identifying vulnerabilities and reporting them to organizations. These skills ensure you can discover security flaws efficiently, responsibly disclose them, and build a positive reputation in the cybersecurity community.

What is a Bug Bounty Program?

A Bug Bounty Program is an initiative offered by organizations that invites ethical hackers and security researchers to identify and report vulnerabilities in the company’s software, websites, or systems. Participants are typically rewarded with monetary compensation, recognition, or other incentives based on the severity of the bugs they find. These programs help organizations strengthen their security by leveraging the broader cybersecurity community, thus identifying issues before malicious hackers can exploit them. Bug bounty programs are widely used by tech companies to enhance security and build trust with users.

What is the difference between a Bug Bounty Program and a Penetration Tester?

| Aspect | Bug Bounty Program | Penetration Tester |
|---|---|---|
| Credentials | Knowledge of security vulnerabilities, bug reporting skills | Certifications like OSCP, CEH, CISSP often preferred |
| Work Environment | Remote, project-based, crowdsourced | Consulting firms, in-house teams, on-site or remote |
| Industry Usage | Tech companies, startups, open security initiatives | Security firms, corporate security teams, government agencies |
| Search/Comparison Intent | Understanding crowdsourced bug finding vs professional testing | Comparing freelance or company-based security assessments |

The main difference is that Bug Bounty Programs are crowdsourced initiatives where individuals report vulnerabilities remotely, often without formal certifications. Penetration Testers are professionals with certifications who perform targeted security assessments, usually in a consulting or in-house setting. Both roles focus on identifying security flaws but differ in structure, credentials, and work environment.


Relocate to SF: Software Engineer, Security

Pylon

Boulder, CO • On-site

Full-time

Posted 2 days ago


Job description

Job Summary:
Pylon is building the future of B2B Post Sales with an all-in-one support platform powered by conversational data. They are seeking a Software Engineer with a focus on security features to lead security review processes and engage in customer conversations.
Responsibilities:
• Build security features into the product: audit logging, RBAC, SCIM, SAML, and more
• Lead security review processes: SOC 2, ISO 27001, HIPAA, bug bounty programs
• Jump into pre- and post-sales conversations as the security stakeholder
• Help us move fast while keeping the right guardrails in place
• Take projects from customer request → design → ship
Qualifications:
Required:
• You’ve built or shipped security features before
• You’ve helped run security/compliance programs at a startup or fast-moving company
• You’re comfortable talking to customers and explaining technical decisions
• You thrive when you have autonomy, own as many of the details as possible, and project manage your own work
• You're in SF or you're willing to relocate, you love working in-person, and you're serious about joining us to build a culture we'll all love
• We work with React, Golang, GraphQL, and AWS
Company:
Pylon is building the first customer support platform built for B2B companies. Founded in 2022, the company is headquartered in San Francisco, USA, with a team of 51-200 employees. The company is currently at the growth stage.