Certifications such as OSWA or BSCP
Certifications such as OSWA or BSCP
OSCP, OSWA or equivalent certification is preferred. * Strong collaboration skills with a demonstrated ability to work closely with other teams across the division. Special Factors Sponsorship ...
OSCP, OSWA or equivalent certification is preferred. * Strong collaboration skills with a demonstrated ability to work closely with other teams across the division. Special Factors Sponsorship ...
OSCP, OSWA or equivalent certification is preferred. * Strong collaboration skills with a demonstrated ability to work closely with other teams across the division. Special Factors Sponsorship ...
OSCP, OSWA or equivalent certification is preferred. * Strong collaboration skills with a demonstrated ability to work closely with other teams across the division. Special Factors Sponsorship ...
OSCP, OSWA or equivalent certification is preferred. * Strong collaboration skills with a demonstrated ability to work closely with other teams across the division. Special Factors Sponsorship ...
OSCP, OSWA or equivalent certification is preferred. * Strong collaboration skills with a demonstrated ability to work closely with other teams across the division. Special Factors Sponsorship ...
Senior Web Application Penetration Tester
Annapolis, MD · On-site
$125K - $145K/yr
OSCP * OSWA * OSWE * CRTO * GWAPT * Other relevant hands-on offensive security certifications PREFERRED QUALIFICATIONS * Experience with cloud environments and post-exploitation activities.
Senior Web Application Penetration Tester
Annapolis, MD · On-site
$125K - $145K/yr
OSCP * OSWA * OSWE * CRTO * GWAPT * Other relevant hands-on offensive security certifications PREFERRED QUALIFICATIONS * Experience with cloud environments and post-exploitation activities.
Senior Web Application Penetration Tester
Annapolis, MD · On-site +1
$125K - $145K/yr
OSCP * OSWA * OSWE * CRTO * GWAPT * Other relevant hands-on offensive security certifications PREFERRED QUALIFICATIONS * Experience with cloud environments and post-exploitation activities.
Senior Web Application Penetration Tester
Annapolis, MD · On-site +1
$125K - $145K/yr
OSCP * OSWA * OSWE * CRTO * GWAPT * Other relevant hands-on offensive security certifications PREFERRED QUALIFICATIONS * Experience with cloud environments and post-exploitation activities.
GIAC Web Application Penetration Tester (GWAPT), Council for Registered Ethical Security Testers (CREST), Offensive Security Web Expert (OSWE), Offensive Security Web Assessor (OSWA) * Ability to ...
GIAC Web Application Penetration Tester (GWAPT), Council for Registered Ethical Security Testers (CREST), Offensive Security Web Expert (OSWE), Offensive Security Web Assessor (OSWA) * Ability to ...
... OSWA) * Experience in one or more areas such as mobile application testing, code development, manual code analysis and/or static analysis using Veracode, Fortify, SonarQube, Checkmarx, Contrast or ...
... OSWA) * Experience in one or more areas such as mobile application testing, code development, manual code analysis and/or static analysis using Veracode, Fortify, SonarQube, Checkmarx, Contrast or ...
FedCyber Supervisor - Cyber Compliance
Washington, DC · On-site
$125K - $169K/yr
Preferred, but not required - one or more relevant certifications such as Offensive Security Web Assessor (OSWA), Offensive Security Web Expert (OSWE), Offensive Security Certified Professional (OSCP ...
FedCyber Supervisor - Cyber Compliance
Washington, DC · On-site
$125K - $169K/yr
Preferred, but not required - one or more relevant certifications such as Offensive Security Web Assessor (OSWA), Offensive Security Web Expert (OSWE), Offensive Security Certified Professional (OSCP ...
GIAC Web Application Penetration Tester (GWAPT), Council for Registered Ethical Security Testers (CREST), Offensive Security Web Expert (OSWE), Offensive Security Web Assessor (OSWA) * Ability to ...
GIAC Web Application Penetration Tester (GWAPT), Council for Registered Ethical Security Testers (CREST), Offensive Security Web Expert (OSWE), Offensive Security Web Assessor (OSWA) * Ability to ...
GIAC Web Application Penetration Tester (GWAPT), Council for Registered Ethical Security Testers (CREST), Offensive Security Web Expert (OSWE), Offensive Security Web Assessor (OSWA) * Ability to ...
GIAC Web Application Penetration Tester (GWAPT), Council for Registered Ethical Security Testers (CREST), Offensive Security Web Expert (OSWE), Offensive Security Web Assessor (OSWA) * Ability to ...
... OSWA) * Experience in one or more areas such as mobile application testing, code development, manual code analysis and/or static analysis using Veracode, Fortify, SonarQube, Checkmarx, Contrast or ...
... OSWA) * Experience in one or more areas such as mobile application testing, code development, manual code analysis and/or static analysis using Veracode, Fortify, SonarQube, Checkmarx, Contrast or ...
Senior Specialist, MAST Application Penetration Tester
Atlanta, GA · On-site
$95K - $208K/yr
GIAC Web Application Penetration Tester (GWAPT), Council for Registered Ethical Security Testers (CREST), Offensive Security Web Expert (OSWE), Offensive Security Web Assessor (OSWA) * Ability to ...
Senior Specialist, MAST Application Penetration Tester
Atlanta, GA · On-site
$95K - $208K/yr
GIAC Web Application Penetration Tester (GWAPT), Council for Registered Ethical Security Testers (CREST), Offensive Security Web Expert (OSWE), Offensive Security Web Assessor (OSWA) * Ability to ...
Senior Application Security Engineer
Charleston, WV · On-site +1
$54.25 - $72.75/hr
Certifications such as CSSLP, CISSP, OSWA, OSWE, GWAPT, or GMOB Nordstrom is able to offer remoteemployment of this position in all US statesexcept AR, MS, MT, ND, SD, VT, WV, and WY. Pay Range ...
Senior Application Security Engineer
Charleston, WV · On-site +1
$54.25 - $72.75/hr
Certifications such as CSSLP, CISSP, OSWA, OSWE, GWAPT, or GMOB Nordstrom is able to offer remoteemployment of this position in all US statesexcept AR, MS, MT, ND, SD, VT, WV, and WY. Pay Range ...
GIAC Web Application Penetration Tester (GWAPT), Council for Registered Ethical Security Testers (CREST), Offensive Security Web Expert (OSWE), Offensive Security Web Assessor (OSWA) * Ability to ...
GIAC Web Application Penetration Tester (GWAPT), Council for Registered Ethical Security Testers (CREST), Offensive Security Web Expert (OSWE), Offensive Security Web Assessor (OSWA) * Ability to ...
... OSWA) * Experience in one or more areas such as mobile application testing, code development, manual code analysis and/or static analysis using Veracode, Fortify, SonarQube, Checkmarx, Contrast or ...
... OSWA) * Experience in one or more areas such as mobile application testing, code development, manual code analysis and/or static analysis using Veracode, Fortify, SonarQube, Checkmarx, Contrast or ...
... OSWA) * Experience in one or more areas such as mobile application testing, code development, manual code analysis and/or static analysis using Veracode, Fortify, SonarQube, Checkmarx, Contrast or ...
... OSWA) * Experience in one or more areas such as mobile application testing, code development, manual code analysis and/or static analysis using Veracode, Fortify, SonarQube, Checkmarx, Contrast or ...
GIAC Web Application Penetration Tester (GWAPT), Council for Registered Ethical Security Testers (CREST), Offensive Security Web Expert (OSWE), Offensive Security Web Assessor (OSWA) * Ability to ...
GIAC Web Application Penetration Tester (GWAPT), Council for Registered Ethical Security Testers (CREST), Offensive Security Web Expert (OSWE), Offensive Security Web Assessor (OSWA) * Ability to ...
... OSWA) * Experience in one or more areas such as mobile application testing, code development, manual code analysis and/or static analysis using Veracode, Fortify, SonarQube, Checkmarx, Contrast or ...
... OSWA) * Experience in one or more areas such as mobile application testing, code development, manual code analysis and/or static analysis using Veracode, Fortify, SonarQube, Checkmarx, Contrast or ...
GIAC Web Application Penetration Tester (GWAPT), Council for Registered Ethical Security Testers (CREST), Offensive Security Web Expert (OSWE), Offensive Security Web Assessor (OSWA) * Ability to ...
GIAC Web Application Penetration Tester (GWAPT), Council for Registered Ethical Security Testers (CREST), Offensive Security Web Expert (OSWE), Offensive Security Web Assessor (OSWA) * Ability to ...
Oswa information
What are Oswa?
What is the difference between Oswa vs Data Analyst?
| Aspect | Oswa | Data Analyst |
|---|---|---|
| Required Credentials | Typically requires a diploma or certification in data management or related fields | Bachelor's degree in statistics, mathematics, or related fields often required |
| Work Environment | Often works in data entry, database management, or administrative settings | Works in offices, tech companies, or consulting firms analyzing data sets |
| Employer & Industry Usage | Used in administrative, healthcare, or government sectors for data organization | Common in finance, marketing, healthcare, and tech industries for data analysis |
While Oswa focuses on data management and entry tasks, Data Analysts primarily analyze data to inform business decisions. Both roles require familiarity with data tools, but Data Analysts typically need stronger analytical skills and certifications. Understanding these differences helps job seekers target the right roles based on their skills and career goals.
What are the key skills and qualifications needed to thrive as an Oswa, and why are they important?

Job description
About Stripe
Stripe is a financial infrastructure platform for businesses. Millions of companies-from the world's largest enterprises to the most ambitious startups-use Stripe to accept payments, grow their revenue, and accelerate new business opportunities. Our mission is to increase the GDP of the internet, and we have a staggering amount of work ahead. That means you have an unprecedented opportunity to put the global economy within everyone's reach while doing the most important work of your career.
About the team
In this role, you'll join Stripe's Vulnerability Management team, whose mission is to "Surface vulnerabilities at scale across Stripe." Our vision is to create a culture of continuous excellence in managing vulnerabilities. The bug bounty program is an important pillar of this mission, acting as a critical line of defense in Stripe's security "immune system."
What you'll do
We seek a highly technical and detail-oriented Security Analyst to join our team, focusing on the front lines of bug bounty triage and researcher engagement. In this role, you'll be responsible for the end-to-end lifecycle of security vulnerability reports from our bug bounty program. You'll own the overall effectiveness of Stripe's bug bounty program with autonomy to implement continuous improvements (e.g., researcher campaigns, scoring transparency).
You'll play a key role in understanding the root cause of vulnerabilities, coordinating timely resolutions, and directly impacting the security posture of Stripe's products. A core aspect of this role is developing a deep understanding of Stripe and acquired company products, assets, and their configuration to effectively assess and prioritize vulnerabilities.
Responsibilities
- Analyze, assess, reproduce, and triage incoming security vulnerability reports from the bug bounty program
- Communicate clearly and effectively with security researchers to follow up on unclear reports, drive report clarity, and increase engagement with top hackers
- Understand the root cause of security vulnerabilities to help product and engineering teams fix them, and advise on the right mitigation strategies
- Drive the lifecycle of submissions through to resolution, coordinating with product and engineering stakeholders
- Act as the security bridge between external researchers and internal teams to facilitate rapid and effective remediation
- Conduct in-depth data analysis on bug reports and vulnerability patterns to identify systemic risks and inform new security initiatives
- Provide tactical support for vulnerability management triage processes to augment the team as needed
- Prepare and implement improvements to the overall bug bounty program
- Provide feedback and requirements for tool development to enhance triage and security workflows, leveraging opportunities for automation
We're looking for someone who meets the minimum requirements to be considered for the role. If you meet these requirements, you are encouraged to apply. The preferred qualifications are a bonus, not a requirement.
Minimum requirements
- Proven ability to follow bug reports and accurately triage security vulnerabilities
- Familiarity with web security issues and exploit methodologies (e.g., OWASP Top 10, CWEs)
- Competent in offensive security tools (e.g., Burp Suite, custom scripting)
- Ability to think like an attacker to understand the impact of vulnerabilities
- Proficient in clear communication, conveying technical concepts to various stakeholders
- Experience in one of the following areas
- Bug bounty program or triaging security vulnerability reports
- Knowledge of Stripe products and general security expertise
- Experience in technical support, operations, or similar roles with technical systems exposure
- Prior participation in or experience with bug bounty programs
- Experience analyzing source code for security vulnerabilities
- Proficiency in scripting languages (e.g., Python, Ruby) for automation
- Familiarity with cloud-based services (e.g., AWS, GCP)
- Certifications such as OSWA or BSCP
About Stripe
Sourced by ZipRecruiter
Industry
Software development
Company size
1,001 - 5,000 Employees
Headquarters location
San Francisco, CA, US
Year founded
2010