The bug bounty program is an important pillar of this mission, acting as a critical line of defense in Stripe's security "immune system." What you'll do We seek a highly technical and detail-oriented ...
The bug bounty program is an important pillar of this mission, acting as a critical line of defense in Stripe's security "immune system." What you'll do We seek a highly technical and detail-oriented ...
They are seeking a Product Security Engineer to support their Bug Bounty program on a 6-month contract engagement, where the engineer will be responsible for triaging vulnerability reports and ...
They are seeking a Product Security Engineer to support their Bug Bounty program on a 6-month contract engagement, where the engineer will be responsible for triaging vulnerability reports and ...
The development of the AWS researcher community is paramount to ensuring the success of our program ... Bug Bounty Program into the best on planet Earth. Key job responsibilities - Researching ...
The development of the AWS researcher community is paramount to ensuring the success of our program ... Bug Bounty Program into the best on planet Earth. Key job responsibilities - Researching ...
Technical Program Manager, Bug Bounty
Seattle, WA · On-site
$146K - $190K/yr
Amazon's Bug Bounty team is looking for a Technical Program Manager (TPM) to help us secure the services and applications that Amazon customers rely on every day. In this role, you'll drive complex ...
Technical Program Manager, Bug Bounty
Seattle, WA · On-site
$146K - $190K/yr
Amazon's Bug Bounty team is looking for a Technical Program Manager (TPM) to help us secure the services and applications that Amazon customers rely on every day. In this role, you'll drive complex ...
Technical Program Manager, Bug Bounty
$146K - $190K/yr
Amazon's Bug Bounty team is looking for a Technical Program Manager (TPM) to help us secure the services and applications that Amazon customers rely on every day. In this role, you'll drive complex ...
Technical Program Manager, Bug Bounty
$146K - $190K/yr
Amazon's Bug Bounty team is looking for a Technical Program Manager (TPM) to help us secure the services and applications that Amazon customers rely on every day. In this role, you'll drive complex ...
The development of the AWS researcher community is paramount to ensuring the success of our program ... Bug Bounty Program into the best on planet Earth. Key job responsibilities - Researching ...
The development of the AWS researcher community is paramount to ensuring the success of our program ... Bug Bounty Program into the best on planet Earth. Key job responsibilities - Researching ...
Technical Program Manager, Bug Bounty
Seattle, WA · On-site
$146K - $190K/yr
Amazon's Bug Bounty team is looking for a Technical Program Manager (TPM) to help us secure the services and applications that Amazon customers rely on every day. In this role, you'll drive complex ...
Technical Program Manager, Bug Bounty
Seattle, WA · On-site
$146K - $190K/yr
Amazon's Bug Bounty team is looking for a Technical Program Manager (TPM) to help us secure the services and applications that Amazon customers rely on every day. In this role, you'll drive complex ...
Product Security Engineer
Lehi, UT · On-site
$67.61 - $84.51/hr
You will work closely with internal engineering and security stakeholders to drive remediation and improve the bug bounty program's effectiveness. This is a contract engagement expected to backfill a ...
Quick apply
Product Security Engineer
Lehi, UT · On-site
$67.61 - $84.51/hr
You will work closely with internal engineering and security stakeholders to drive remediation and improve the bug bounty program's effectiveness. This is a contract engagement expected to backfill a ...
Product Security Engineer
Lehi, UT · On-site
We are seeking a Product Security Engineer to support our Bug Bounty program on a 6-month contract engagement, backfilling a team member on leave. You will be the frontline responder for external ...
Product Security Engineer
Lehi, UT · On-site
We are seeking a Product Security Engineer to support our Bug Bounty program on a 6-month contract engagement, backfilling a team member on leave. You will be the frontline responder for external ...
Senior Application Security Engineer
Broomfield, CO · On-site
$59.25 - $79/hr
You will represent the organization to external security researchers via our Bug Bounty program, use a variety of tools to identify and manage application vulnerabilities, perform risk assessments ...
Senior Application Security Engineer
Broomfield, CO · On-site
$59.25 - $79/hr
You will represent the organization to external security researchers via our Bug Bounty program, use a variety of tools to identify and manage application vulnerabilities, perform risk assessments ...
Product Security Engineer (PSIRT - Product Security Incident Response Team)
Foster City, CA · On-site
$180K - $325K/yr
Bug Bounty & Vulnerability Disclosure Program Management * Design and evolve the bug bounty program, including scope, rules, and reward structures. * Manage platform selection, private vs. public ...
Product Security Engineer (PSIRT - Product Security Incident Response Team)
Foster City, CA · On-site
$180K - $325K/yr
Bug Bounty & Vulnerability Disclosure Program Management * Design and evolve the bug bounty program, including scope, rules, and reward structures. * Manage platform selection, private vs. public ...
Bug Bounty Program Management: Own and expand Vercel's bug bounty program. You will triage and validate incoming vulnerability reports from the security researcher community, ensure critical issues ...
Bug Bounty Program Management: Own and expand Vercel's bug bounty program. You will triage and validate incoming vulnerability reports from the security researcher community, ensure critical issues ...
Senior Application Security Engineer
Broomfield, CO · On-site
$59.25 - $79/hr
You will represent the organization to external security researchers via our Bug Bounty program, use a variety of tools to identify and manage application vulnerabilities, perform risk assessments ...
Senior Application Security Engineer
Broomfield, CO · On-site
$59.25 - $79/hr
You will represent the organization to external security researchers via our Bug Bounty program, use a variety of tools to identify and manage application vulnerabilities, perform risk assessments ...
Senior Application Security Engineer
Broomfield, CO · On-site
$59.25 - $79/hr
You will represent the organization to external security researchers via our Bug Bounty program, use a variety of tools to identify and manage application vulnerabilities, perform risk assessments ...
Quick apply
Senior Application Security Engineer
Broomfield, CO · On-site
$59.25 - $79/hr
You will represent the organization to external security researchers via our Bug Bounty program, use a variety of tools to identify and manage application vulnerabilities, perform risk assessments ...
Staff+ Application Security Engineer
San Francisco, CA · On-site +1
$320K - $485K/yr
Evolve a public bug bounty program where automation handles routine triage and root-cause work, and engineers handle escalations and corner cases * Partner with Product, Infrastructure, and Research ...
Staff+ Application Security Engineer
San Francisco, CA · On-site +1
$320K - $485K/yr
Evolve a public bug bounty program where automation handles routine triage and root-cause work, and engineers handle escalations and corner cases * Partner with Product, Infrastructure, and Research ...
Senior Application Security & DevSecOps Engineer
Chicago, IL · On-site
$60.50 - $80.75/hr
Bug Bounty Program * Own and operate our bug bounty program (e.g., HackerOne / Bugcrowd): scope definition, researcher communication, triage, deduplication, severity, and payout coordination. * Close ...
Senior Application Security & DevSecOps Engineer
Chicago, IL · On-site
$60.50 - $80.75/hr
Bug Bounty Program * Own and operate our bug bounty program (e.g., HackerOne / Bugcrowd): scope definition, researcher communication, triage, deduplication, severity, and payout coordination. * Close ...
Security Engineer, Application Security
New York, NY · On-site
$130K - $400K/yr
Bug bounty program operations - triaging HackerOne reports, validating findings, and driving fixes to closure What We're Looking For * You've found and fixed real vulnerabilities in production ...
Security Engineer, Application Security
New York, NY · On-site
$130K - $400K/yr
Bug bounty program operations - triaging HackerOne reports, validating findings, and driving fixes to closure What We're Looking For * You've found and fixed real vulnerabilities in production ...
Senior Product Security Engineer
OR · On-site +1
Contribute to our vulnerability management program, including triaging bug bounty and vulnerability disclosure reports and driving remediation efforts. * Security Automation : Develop and implement ...
Senior Product Security Engineer
OR · On-site +1
Contribute to our vulnerability management program, including triaging bug bounty and vulnerability disclosure reports and driving remediation efforts. * Security Automation : Develop and implement ...
You will combine hands-on technical leadership with people management, overseeing programs that include subcomponents of Apple's bug bounty program, proactive vulnerability discovery, WAF rule ...
You will combine hands-on technical leadership with people management, overseeing programs that include subcomponents of Apple's bug bounty program, proactive vulnerability discovery, WAF rule ...
Lead the end to end technical onboarding and configuration of Bug Bounty, Vulnerability Disclosure, Red team and pentest programs for new and existing customers. * Translate customer security ...
Lead the end to end technical onboarding and configuration of Bug Bounty, Vulnerability Disclosure, Red team and pentest programs for new and existing customers. * Translate customer security ...
Hourly Bug Bounty Program information
See salary details
$33.5K - $44.6K
6% of jobs
$44.6K - $55.7K
5% of jobs
$55.7K - $66.8K
9% of jobs
$71.7K is the 25th percentile. Wages below this are outliers.
$66.8K - $77.9K
9% of jobs
$77.9K - $89K
16% of jobs
The median wage is $95.3K / yr.
$89K - $100K
7% of jobs
$100K - $111.1K
4% of jobs
$111.1K - $122.2K
15% of jobs
$124.6K is the 75th percentile. Wages above this are outliers.
$122.2K - $133.3K
15% of jobs
$133.3K - $144.4K
8% of jobs
$144.4K - $155.5K
5% of jobs
$33.5K
$100.4K
$155.5K
How much do hourly bug bounty program jobs pay per year?
Which bug bounty pays the most?
What are some common challenges faced by participants in an hourly bug bounty program, and how can they overcome them?
How much money can you make doing bug bounties?
What is an Hourly Bug Bounty Program?
What companies pay bug bounties?
How much does Amazon pay for bug bounty?
What are the key skills and qualifications needed to thrive as an Hourly Bug Bounty Program participant, and why are they important?

Job description
About Stripe
Stripe is a financial infrastructure platform for businesses. Millions of companies-from the world's largest enterprises to the most ambitious startups-use Stripe to accept payments, grow their revenue, and accelerate new business opportunities. Our mission is to increase the GDP of the internet, and we have a staggering amount of work ahead. That means you have an unprecedented opportunity to put the global economy within everyone's reach while doing the most important work of your career.
About the team
In this role, you'll join Stripe's Vulnerability Management team, whose mission is to "Surface vulnerabilities at scale across Stripe." Our vision is to create a culture of continuous excellence in managing vulnerabilities. The bug bounty program is an important pillar of this mission, acting as a critical line of defense in Stripe's security "immune system."
What you'll do
We seek a highly technical and detail-oriented Security Analyst to join our team, focusing on the front lines of bug bounty triage and researcher engagement. In this role, you'll be responsible for the end-to-end lifecycle of security vulnerability reports from our bug bounty program. You'll own the overall effectiveness of Stripe's bug bounty program with autonomy to implement continuous improvements (e.g., researcher campaigns, scoring transparency).
You'll play a key role in understanding the root cause of vulnerabilities, coordinating timely resolutions, and directly impacting the security posture of Stripe's products. A core aspect of this role is developing a deep understanding of Stripe and acquired company products, assets, and their configuration to effectively assess and prioritize vulnerabilities.
Responsibilities
- Analyze, assess, reproduce, and triage incoming security vulnerability reports from the bug bounty program
- Communicate clearly and effectively with security researchers to follow up on unclear reports, drive report clarity, and increase engagement with top hackers
- Understand the root cause of security vulnerabilities to help product and engineering teams fix them, and advise on the right mitigation strategies
- Drive the lifecycle of submissions through to resolution, coordinating with product and engineering stakeholders
- Act as the security bridge between external researchers and internal teams to facilitate rapid and effective remediation
- Conduct in-depth data analysis on bug reports and vulnerability patterns to identify systemic risks and inform new security initiatives
- Provide tactical support for vulnerability management triage processes to augment the team as needed
- Prepare and implement improvements to the overall bug bounty program
- Provide feedback and requirements for tool development to enhance triage and security workflows, leveraging opportunities for automation
We're looking for someone who meets the minimum requirements to be considered for the role. If you meet these requirements, you are encouraged to apply. The preferred qualifications are a bonus, not a requirement.
Minimum requirements
- Proven ability to follow bug reports and accurately triage security vulnerabilities
- Familiarity with web security issues and exploit methodologies (e.g., OWASP Top 10, CWEs)
- Competent in offensive security tools (e.g., Burp Suite, custom scripting)
- Ability to think like an attacker to understand the impact of vulnerabilities
- Proficient in clear communication, conveying technical concepts to various stakeholders
- Experience in one of the following areas
- Bug bounty program or triaging security vulnerability reports
- Knowledge of Stripe products and general security expertise
- Experience in technical support, operations, or similar roles with technical systems exposure
- Prior participation in or experience with bug bounty programs
- Experience analyzing source code for security vulnerabilities
- Proficiency in scripting languages (e.g., Python, Ruby) for automation
- Familiarity with cloud-based services (e.g., AWS, GCP)
- Certifications such as OSWA or BSCP
About Stripe
Sourced by ZipRecruiter
Industry
Software development
Company size
1,001 - 5,000 Employees
Headquarters location
San Francisco, CA, US
Year founded
2010