The bug bounty program is an important pillar of this mission, acting as a critical line of defense in Stripe's security "immune system." What you'll do We seek a highly technical and detail-oriented ...
The bug bounty program is an important pillar of this mission, acting as a critical line of defense in Stripe's security "immune system." What you'll do We seek a highly technical and detail-oriented ...
With a growing engineering org, an active bug bounty program fielding 30+ open submissions at any ... Remote first global workforce * Industry leading Medical, Dental and Vision health insurance*
With a growing engineering org, an active bug bounty program fielding 30+ open submissions at any ... Remote first global workforce * Industry leading Medical, Dental and Vision health insurance*
Senior Vulnerability Engineer
$117K - $160K/yr
This is a 100% remote position, with an opportunity to work a hybrid schedule for candidates based ... Support the execution of red team exercises, penetration tests, and bug bounty programs in ...
Senior Vulnerability Engineer
$117K - $160K/yr
This is a 100% remote position, with an opportunity to work a hybrid schedule for candidates based ... Support the execution of red team exercises, penetration tests, and bug bounty programs in ...
Senior Product Security Engineer
OR · On-site +1
Contribute to our vulnerability management program, including triaging bug bounty and vulnerability disclosure reports and driving remediation efforts. * Security Automation : Develop and implement ...
Senior Product Security Engineer
OR · On-site +1
Contribute to our vulnerability management program, including triaging bug bounty and vulnerability disclosure reports and driving remediation efforts. * Security Automation : Develop and implement ...
Senior Product Security Engineer
$117K - $160K/yr
Contribute to our vulnerability management program, including triaging bug bounty and vulnerability disclosure reports and driving remediation efforts. * Security Automation : Develop and implement ...
Senior Product Security Engineer
$117K - $160K/yr
Contribute to our vulnerability management program, including triaging bug bounty and vulnerability disclosure reports and driving remediation efforts. * Security Automation : Develop and implement ...
... bug bounty programs to keep pace with a rapidly growing engineering organization. Qualifications : Required : • 12+ years of hands-on experience in Product Security, Application Security, or Cloud ...
... bug bounty programs to keep pace with a rapidly growing engineering organization. Qualifications : Required : • 12+ years of hands-on experience in Product Security, Application Security, or Cloud ...
Professional penetration testing or Bug Bounty experience. Preferred Certifications: * OSCP, OSWA, OSWE, eWPT, BSCP, GPEN, or GWAPT. Job Type: Remote Time Zone: CST Duration : 3M+ Extendible
Professional penetration testing or Bug Bounty experience. Preferred Certifications: * OSCP, OSWA, OSWE, eWPT, BSCP, GPEN, or GWAPT. Job Type: Remote Time Zone: CST Duration : 3M+ Extendible
Senior Product Security Engineer
$117K - $160K/yr
... bug bounty programs to keep pace with a rapidly growing engineering organization. Qualifications : Required : • 6+ years of hands-on experience in Product Security, Application Security, or Cloud ...
Senior Product Security Engineer
$117K - $160K/yr
... bug bounty programs to keep pace with a rapidly growing engineering organization. Qualifications : Required : • 6+ years of hands-on experience in Product Security, Application Security, or Cloud ...
Senior Application Security Engineer (Offensive / Red Team)
$117K - $160K/yr
Bug Bounty Program Management: Manage the bug bounty program end to end - triage, impact assessment ... More details about our company benefits can be found at This opportunity can be remote, but ...
Senior Application Security Engineer (Offensive / Red Team)
$117K - $160K/yr
Bug Bounty Program Management: Manage the bug bounty program end to end - triage, impact assessment ... More details about our company benefits can be found at This opportunity can be remote, but ...
Senior Application Security Engineer
Meridian, ID · Remote
$111K - $152K/yr
This role will be remote. About the Opportunity 👉 Write a clear, high-level overview of the role ... Investigate, triage, and respond to Bug Bounty program submissions, validating findings and working ...
Senior Application Security Engineer
Meridian, ID · Remote
$111K - $152K/yr
This role will be remote. About the Opportunity 👉 Write a clear, high-level overview of the role ... Investigate, triage, and respond to Bug Bounty program submissions, validating findings and working ...
... our bug bounty program • Partner with engineering teams to design and deploy solutions which are inherently secure • Champion the use of tooling (linters, static analysis, posture assessment ...
... our bug bounty program • Partner with engineering teams to design and deploy solutions which are inherently secure • Champion the use of tooling (linters, static analysis, posture assessment ...
Senior Security Engineer - Automation
OR · Remote
$117K - $160K/yr
We actively manage our Bug Bounty program, ensuring swift response and remediation, and leverage ... Create the home office of your dreams \uD83D\uDC5B Remote working allowance: Those working fully ...
Quick apply
Senior Security Engineer - Automation
OR · Remote
$117K - $160K/yr
We actively manage our Bug Bounty program, ensuring swift response and remediation, and leverage ... Create the home office of your dreams \uD83D\uDC5B Remote working allowance: Those working fully ...
Senior Security Engineer - Automation
$117K - $160K/yr
We actively manage our Bug Bounty program, ensuring swift response and remediation, and leverage ... Create the home office of your dreams Remote working allowance: Those working fully remotely get a ...
Senior Security Engineer - Automation
$117K - $160K/yr
We actively manage our Bug Bounty program, ensuring swift response and remediation, and leverage ... Create the home office of your dreams Remote working allowance: Those working fully remotely get a ...
Staff+ Application Security Engineer
San Francisco, CA · On-site +1
$69.25 - $92.50/hr
Oversee Anthropic's bug bounty program. Set scope, validate submissions, perform root cause analysis, coordinate remediation with engineering teams, and award bounties. Cultivate relationships with ...
Staff+ Application Security Engineer
San Francisco, CA · On-site +1
$69.25 - $92.50/hr
Oversee Anthropic's bug bounty program. Set scope, validate submissions, perform root cause analysis, coordinate remediation with engineering teams, and award bounties. Cultivate relationships with ...
Technical Program Manager - Security
Seattle, WA · On-site +1
$130K - $170K/yr
We are open to remote. Your Daily Adventures Will Include: * Drive security vulnerability ... Program, and Bug Bounty Program * Familiar with security tooling and system integrations
Technical Program Manager - Security
Seattle, WA · On-site +1
$130K - $170K/yr
We are open to remote. Your Daily Adventures Will Include: * Drive security vulnerability ... Program, and Bug Bounty Program * Familiar with security tooling and system integrations
Technical Program Manager - Security
Seattle, WA · Remote
$130K - $170K/yr
We are open to remote. Your Daily Adventures Will Include: * Drive security vulnerability ... Program, and Bug Bounty Program * Familiar with security tooling and system integrations
Technical Program Manager - Security
Seattle, WA · Remote
$130K - $170K/yr
We are open to remote. Your Daily Adventures Will Include: * Drive security vulnerability ... Program, and Bug Bounty Program * Familiar with security tooling and system integrations
Technical Program Manager - Security
Seattle, WA · Remote
$130K - $170K/yr
We are open to remote. Your Daily Adventures Will Include: * Drive security vulnerability ... Program, and Bug Bounty Program * Familiar with security tooling and system integrations
Technical Program Manager - Security
Seattle, WA · Remote
$130K - $170K/yr
We are open to remote. Your Daily Adventures Will Include: * Drive security vulnerability ... Program, and Bug Bounty Program * Familiar with security tooling and system integrations
Security Engineer
San Francisco, CA · Remote
Help run penetration testing, offensive security exercises, and support our bug bounty program ... Remote
Security Engineer
San Francisco, CA · Remote
Help run penetration testing, offensive security exercises, and support our bug bounty program ... Remote
Member of Technical Staff (Software Engineer, Security)
New York, NY · On-site +1
$220K - $405K/yr
Develop and operate systems and workflows that support the bug bounty and vulnerability disclosure program, including intake, triage, prioritization, and remediation tracking. * Partner with product ...
Member of Technical Staff (Software Engineer, Security)
New York, NY · On-site +1
$220K - $405K/yr
Develop and operate systems and workflows that support the bug bounty and vulnerability disclosure program, including intake, triage, prioritization, and remediation tracking. * Partner with product ...
Application Security Engineer- Remote
$60.25 - $80.25/hr
Application Security Engineer - Remote or Hybrid | Cary, North Carolina We're a leader in data and ... Triage security findings received through a public bug bounty program, communicating with both the ...
Application Security Engineer- Remote
$60.25 - $80.25/hr
Application Security Engineer - Remote or Hybrid | Cary, North Carolina We're a leader in data and ... Triage security findings received through a public bug bounty program, communicating with both the ...
Remote Bug Bounty Program information
See salary details
$16.35 - $22.01
6% of jobs
$22.01 - $27.67
14% of jobs
$31.30 is the 25th percentile. Wages below this are outliers.
$27.67 - $33.33
7% of jobs
$33.33 - $38.99
1% of jobs
$38.99 - $44.65
13% of jobs
The median wage is $47.88 / hr.
$44.65 - $50.31
15% of jobs
$50.31 - $55.97
3% of jobs
$55.97 - $61.63
9% of jobs
$65.30 is the 75th percentile. Wages above this are outliers.
$61.63 - $67.29
11% of jobs
$67.29 - $72.95
15% of jobs
$72.95 - $78.61
6% of jobs
$16
$49
$78
How much do remote bug bounty program jobs pay per hour?
As of Jun 21, 2026, the average hourly pay for remote bug bounty program in the United States is $49.60, according to ZipRecruiter salary data. Most workers in this role earn between $31.73 and $66.83 per hour, depending on experience, location, and employer.
What are Remote Bug Bounty Programs?
Remote Bug Bounty Programs are initiatives run by organizations that invite independent security researchers, or 'bug hunters,' to find and report vulnerabilities in their software or systems. These programs are conducted entirely online, allowing participants from around the world to contribute remotely. Companies offer monetary rewards or other incentives for valid and impactful security findings. This approach helps organizations strengthen their security by leveraging a global pool of ethical hackers, while participants gain recognition and compensation for their expertise.
What are the biggest challenges faced by participants in a remote bug bounty program, and how can they be addressed?
One of the main challenges in remote bug bounty programs is staying motivated and disciplined without direct oversight, as participants often work independently. Additionally, understanding the specific security requirements and scope of each program can be complex, especially when dealing with varied platforms and reporting standards. To overcome these challenges, it's important to set personal goals, join online communities for peer support, and thoroughly review each program's documentation before starting. Effective communication with program coordinators can also help clarify expectations and facilitate successful submissions.
What is the difference between Remote Bug Bounty Program vs Remote Penetration Tester?
| Aspect | Remote Bug Bounty Program | Remote Penetration Tester |
|---|---|---|
| Credentials | Typically no formal certifications required, but cybersecurity knowledge helps | Often holds certifications like OSCP, CEH, or CISSP |
| Work Environment | Participates remotely, often independently, on various platforms | Works remotely or on-site for clients, conducting security assessments |
| Employer & Industry Usage | Used by companies to crowdsource security testing; industry-wide | Employed by organizations or consulting firms to perform security audits |
While both roles focus on cybersecurity, a Remote Bug Bounty Program involves independent testing on platforms to find vulnerabilities, whereas a Remote Penetration Tester conducts comprehensive security assessments for organizations, often with formal credentials and direct client engagement.
What are the key skills and qualifications needed to thrive in a Remote Bug Bounty Program role, and why are they important?
To thrive in a Remote Bug Bounty Program role, you need a strong background in cybersecurity, vulnerability assessment, and ethical hacking, often supported by experience in penetration testing and security certifications like OSCP or CEH. Familiarity with tools such as Burp Suite, Nmap, Metasploit, and various bug bounty platforms is essential. Attention to detail, persistence, effective communication, and self-motivation are standout soft skills for this position. These abilities are crucial for identifying and responsibly reporting security vulnerabilities that help organizations strengthen their defenses.
More about Remote Bug Bounty Program jobs
What cities are hiring for Remote Bug Bounty Program jobs? Cities with the most Remote Bug Bounty Program job openings:
What are the most commonly searched types of Bug Bounty Program jobs? The most popular types of Bug Bounty Program jobs are:
What states have the most Remote Bug Bounty Program jobs? States with the most job openings for Remote Bug Bounty Program jobs include:
What job categories do people searching Remote Bug Bounty Program jobs look for? The top searched job categories for Remote Bug Bounty Program jobs are:
Job description
Who we are
About Stripe
Stripe is a financial infrastructure platform for businesses. Millions of companies-from the world's largest enterprises to the most ambitious startups-use Stripe to accept payments, grow their revenue, and accelerate new business opportunities. Our mission is to increase the GDP of the internet, and we have a staggering amount of work ahead. That means you have an unprecedented opportunity to put the global economy within everyone's reach while doing the most important work of your career.
About the team
In this role, you'll join Stripe's Vulnerability Management team, whose mission is to "Surface vulnerabilities at scale across Stripe." Our vision is to create a culture of continuous excellence in managing vulnerabilities. The bug bounty program is an important pillar of this mission, acting as a critical line of defense in Stripe's security "immune system."
What you'll do
We seek a highly technical and detail-oriented Security Analyst to join our team, focusing on the front lines of bug bounty triage and researcher engagement. In this role, you'll be responsible for the end-to-end lifecycle of security vulnerability reports from our bug bounty program. You'll own the overall effectiveness of Stripe's bug bounty program with autonomy to implement continuous improvements (e.g., researcher campaigns, scoring transparency).
You'll play a key role in understanding the root cause of vulnerabilities, coordinating timely resolutions, and directly impacting the security posture of Stripe's products. A core aspect of this role is developing a deep understanding of Stripe and acquired company products, assets, and their configuration to effectively assess and prioritize vulnerabilities.
Responsibilities
We're looking for someone who meets the minimum requirements to be considered for the role. If you meet these requirements, you are encouraged to apply. The preferred qualifications are a bonus, not a requirement.
Minimum requirements
About Stripe
Stripe is a financial infrastructure platform for businesses. Millions of companies-from the world's largest enterprises to the most ambitious startups-use Stripe to accept payments, grow their revenue, and accelerate new business opportunities. Our mission is to increase the GDP of the internet, and we have a staggering amount of work ahead. That means you have an unprecedented opportunity to put the global economy within everyone's reach while doing the most important work of your career.
About the team
In this role, you'll join Stripe's Vulnerability Management team, whose mission is to "Surface vulnerabilities at scale across Stripe." Our vision is to create a culture of continuous excellence in managing vulnerabilities. The bug bounty program is an important pillar of this mission, acting as a critical line of defense in Stripe's security "immune system."
What you'll do
We seek a highly technical and detail-oriented Security Analyst to join our team, focusing on the front lines of bug bounty triage and researcher engagement. In this role, you'll be responsible for the end-to-end lifecycle of security vulnerability reports from our bug bounty program. You'll own the overall effectiveness of Stripe's bug bounty program with autonomy to implement continuous improvements (e.g., researcher campaigns, scoring transparency).
You'll play a key role in understanding the root cause of vulnerabilities, coordinating timely resolutions, and directly impacting the security posture of Stripe's products. A core aspect of this role is developing a deep understanding of Stripe and acquired company products, assets, and their configuration to effectively assess and prioritize vulnerabilities.
Responsibilities
- Analyze, assess, reproduce, and triage incoming security vulnerability reports from the bug bounty program
- Communicate clearly and effectively with security researchers to follow up on unclear reports, drive report clarity, and increase engagement with top hackers
- Understand the root cause of security vulnerabilities to help product and engineering teams fix them, and advise on the right mitigation strategies
- Drive the lifecycle of submissions through to resolution, coordinating with product and engineering stakeholders
- Act as the security bridge between external researchers and internal teams to facilitate rapid and effective remediation
- Conduct in-depth data analysis on bug reports and vulnerability patterns to identify systemic risks and inform new security initiatives
- Provide tactical support for vulnerability management triage processes to augment the team as needed
- Prepare and implement improvements to the overall bug bounty program
- Provide feedback and requirements for tool development to enhance triage and security workflows, leveraging opportunities for automation
We're looking for someone who meets the minimum requirements to be considered for the role. If you meet these requirements, you are encouraged to apply. The preferred qualifications are a bonus, not a requirement.
Minimum requirements
- Proven ability to follow bug reports and accurately triage security vulnerabilities
- Familiarity with web security issues and exploit methodologies (e.g., OWASP Top 10, CWEs)
- Competent in offensive security tools (e.g., Burp Suite, custom scripting)
- Ability to think like an attacker to understand the impact of vulnerabilities
- Proficient in clear communication, conveying technical concepts to various stakeholders
- Experience in one of the following areas
- Bug bounty program or triaging security vulnerability reports
- Knowledge of Stripe products and general security expertise
- Experience in technical support, operations, or similar roles with technical systems exposure
- Prior participation in or experience with bug bounty programs
- Experience analyzing source code for security vulnerabilities
- Proficiency in scripting languages (e.g., Python, Ruby) for automation
- Familiarity with cloud-based services (e.g., AWS, GCP)
- Certifications such as OSWA or BSCP
About Stripe
Sourced by ZipRecruiter
Industry
Software development
Company size
1,001 - 5,000 Employees
Headquarters location
San Francisco, CA, US
Year founded
2010