... the bug bounty program, including triage, response processes, and improvements to vulnerability management workflows. • Develop security standards, playbooks, and training programs that make ...
... the bug bounty program, including triage, response processes, and improvements to vulnerability management workflows. • Develop security standards, playbooks, and training programs that make ...
Application Security Engineer
Post Falls, ID · On-site +1
$175K/yr
This is a remote position, but if you're near one of our local offices, you're welcome to come ... party bug bounty program pen tester, or in a similar security type role. Your job will be to ...
Application Security Engineer
Post Falls, ID · On-site +1
$175K/yr
This is a remote position, but if you're near one of our local offices, you're welcome to come ... party bug bounty program pen tester, or in a similar security type role. Your job will be to ...
AppSec SME
$60.25 - $80.25/hr
Monitor and track the Bug bounty vulnerabilities and remediation closure * Track the coverage of ... Manage the program and communicate with client team * Identify, manage risks and provide risks ...
AppSec SME
$60.25 - $80.25/hr
Monitor and track the Bug bounty vulnerabilities and remediation closure * Track the coverage of ... Manage the program and communicate with client team * Identify, manage risks and provide risks ...
Active involvement in cybersecurity communities, research, or bug bounty programs * Certifications ... Flexible work hours with hybrid remote options * Opportunity to work with international ...
Active involvement in cybersecurity communities, research, or bug bounty programs * Certifications ... Flexible work hours with hybrid remote options * Opportunity to work with international ...
Sr. Application Security Engineer
Charleston, WV · Remote
$60.25 - $80.25/hr
... moving, remote-first environment. Essential Functions and Responsibilities: * Lead security ... Own and operate the company's bug bounty program end-to-end: define program strategy and scope ...
Quick apply
Sr. Application Security Engineer
Charleston, WV · Remote
$60.25 - $80.25/hr
... moving, remote-first environment. Essential Functions and Responsibilities: * Lead security ... Own and operate the company's bug bounty program end-to-end: define program strategy and scope ...
$106K - $145K/yr
... programs. We are an EMI-licensed fintech, use AI heavily, and we are growing fast. We need someone ... bug bounty. Drive findings to closure and feed recurring issues back into preventive controls.
$106K - $145K/yr
... programs. We are an EMI-licensed fintech, use AI heavily, and we are growing fast. We need someone ... bug bounty. Drive findings to closure and feed recurring issues back into preventive controls.
Archon Labs - Blockchain Developer
San Francisco, CA · On-site +1
Experience with formal verification, bug bounty programs, or audit coordination. * Familiarity with time-series and relational data models. * Exposure to infrastructure basics such as containers and ...
Archon Labs - Blockchain Developer
San Francisco, CA · On-site +1
Experience with formal verification, bug bounty programs, or audit coordination. * Familiarity with time-series and relational data models. * Exposure to infrastructure basics such as containers and ...
Principal Application Security Engineer
OR · Remote
$58.75 - $78.50/hr
This role can be fully remote and must reside in US. In this role, you will help us drive our ... Drive our security assessment, penetration testing and bug bounty programs * Participate in ...
Principal Application Security Engineer
OR · Remote
$58.75 - $78.50/hr
This role can be fully remote and must reside in US. In this role, you will help us drive our ... Drive our security assessment, penetration testing and bug bounty programs * Participate in ...
Sr. Application Security Engineer
$60.25 - $80.25/hr
... moving, remote-first environment. Essential Functions and Responsibilities: * Lead security ... Own and operate the company's bug bounty program end-to-end: define program strategy and scope ...
Sr. Application Security Engineer
$60.25 - $80.25/hr
... moving, remote-first environment. Essential Functions and Responsibilities: * Lead security ... Own and operate the company's bug bounty program end-to-end: define program strategy and scope ...
Senior Application Security Engineer
Austin, TX · Remote
$180K - $210K/yr
Background meaningfully contributing to a bug bounty program * Experience with identity and access ... Remote
Senior Application Security Engineer
Austin, TX · Remote
$180K - $210K/yr
Background meaningfully contributing to a bug bounty program * Experience with identity and access ... Remote
Remote (U.S.) - Georgia preferred This is a fully remote role. Candidates must be authorized to ... bug bounty programs • Security research publications or blog posts • Contributions to open ...
Remote (U.S.) - Georgia preferred This is a fully remote role. Candidates must be authorized to ... bug bounty programs • Security research publications or blog posts • Contributions to open ...
Security Engineer
San Francisco, CA · Remote
This is a remote first role. You will partner closely with teams across the company and focus on ... Help run penetration testing, offensive security exercises, and support our bug bounty program.
Security Engineer
San Francisco, CA · Remote
This is a remote first role. You will partner closely with teams across the company and focus on ... Help run penetration testing, offensive security exercises, and support our bug bounty program.
Enterprise Account Executive
Chicago, IL · On-site +1
Prior experience selling crowdsourced security, Bug Bounty, or Attack Surface Management solutions ... Environment - remote, work-from-home 100% of the time. Pay Range Disclosure At Bugcrowd, we strive ...
Enterprise Account Executive
Chicago, IL · On-site +1
Prior experience selling crowdsourced security, Bug Bounty, or Attack Surface Management solutions ... Environment - remote, work-from-home 100% of the time. Pay Range Disclosure At Bugcrowd, we strive ...
Staff Security Engineer
Palo Alto, CA · Remote
... bug bounty program, including triage, response processes, and improvements to vulnerability ... We\'re remote, but we regularly get together **We have been made aware of individuals falsely ...
Staff Security Engineer
Palo Alto, CA · Remote
... bug bounty program, including triage, response processes, and improvements to vulnerability ... We\'re remote, but we regularly get together **We have been made aware of individuals falsely ...
Senior Product Security Engineer II
OR · Remote
$114K - $156K/yr
Bug bounty research experience #LI-Remote
New
Senior Product Security Engineer II
OR · Remote
$114K - $156K/yr
Bug bounty research experience #LI-Remote
New
Security Engineer, Product
New York, NY · Remote
$257K - $354K/yr
... bug bounty program * Partner with engineering teams to design and deploy solutions which are inherently secure * Champion the use of tooling (linters, static analysis, posture assessment scanners ...
Quick apply
Security Engineer, Product
New York, NY · Remote
$257K - $354K/yr
... bug bounty program * Partner with engineering teams to design and deploy solutions which are inherently secure * Champion the use of tooling (linters, static analysis, posture assessment scanners ...
Engineer Sr., Application Security
Miami, FL · Remote
$56.25 - $75/hr
... bug bounty programs. * Implement and automate new governance processes and controls to ensure that ... This position is classified as "remote." As a remote role, it allows employees to work full-time ...
Engineer Sr., Application Security
Miami, FL · Remote
$56.25 - $75/hr
... bug bounty programs. * Implement and automate new governance processes and controls to ensure that ... This position is classified as "remote." As a remote role, it allows employees to work full-time ...
Information Security Technical Analyst
Oakland, CA · Remote
$45 - $55/hr
Remote (West Coast - PST) Duration: 12-Month Contract Travel: None Compensation: $45-55/hr Note: A ... Support bug bounty programs by prioritizing and coordinating remediation efforts * Contribute to ...
Quick apply
Information Security Technical Analyst
Oakland, CA · Remote
$45 - $55/hr
Remote (West Coast - PST) Duration: 12-Month Contract Travel: None Compensation: $45-55/hr Note: A ... Support bug bounty programs by prioritizing and coordinating remediation efforts * Contribute to ...
Information Security Technical Analyst
Oakland, CA · Remote
$45 - $55/hr
Remote (West Coast - PST) Duration: 12-Month Contract Travel: None Compensation: $45-55/hr Note: A ... Support bug bounty programs by prioritizing and coordinating remediation efforts * Contribute to ...
Quick apply
Information Security Technical Analyst
Oakland, CA · Remote
$45 - $55/hr
Remote (West Coast - PST) Duration: 12-Month Contract Travel: None Compensation: $45-55/hr Note: A ... Support bug bounty programs by prioritizing and coordinating remediation efforts * Contribute to ...
Engineer Sr., Application Security
Miami, FL · Remote
$56.25 - $75/hr
... bug bounty programs. * Implement and automate new governance processes and controls to ensure that ... This position is classified as "remote." As a remote role, it allows employees to work full-time ...
Engineer Sr., Application Security
Miami, FL · Remote
$56.25 - $75/hr
... bug bounty programs. * Implement and automate new governance processes and controls to ensure that ... This position is classified as "remote." As a remote role, it allows employees to work full-time ...
Remote Bug Bounty Program information
See salary details
$16.35 - $22.01
6% of jobs
$22.01 - $27.67
14% of jobs
$31.30 is the 25th percentile. Wages below this are outliers.
$27.67 - $33.33
7% of jobs
$33.33 - $38.99
1% of jobs
$38.99 - $44.65
13% of jobs
The median wage is $47.88 / hr.
$44.65 - $50.31
15% of jobs
$50.31 - $55.97
3% of jobs
$55.97 - $61.63
9% of jobs
$65.30 is the 75th percentile. Wages above this are outliers.
$61.63 - $67.29
11% of jobs
$67.29 - $72.95
15% of jobs
$72.95 - $78.61
6% of jobs
$16
$49
$78
How much do remote bug bounty program jobs pay per hour?
As of Jun 21, 2026, the average hourly pay for remote bug bounty program in the United States is $49.60, according to ZipRecruiter salary data. Most workers in this role earn between $31.73 and $66.83 per hour, depending on experience, location, and employer.
What are Remote Bug Bounty Programs?
Remote Bug Bounty Programs are initiatives run by organizations that invite independent security researchers, or 'bug hunters,' to find and report vulnerabilities in their software or systems. These programs are conducted entirely online, allowing participants from around the world to contribute remotely. Companies offer monetary rewards or other incentives for valid and impactful security findings. This approach helps organizations strengthen their security by leveraging a global pool of ethical hackers, while participants gain recognition and compensation for their expertise.
What are the biggest challenges faced by participants in a remote bug bounty program, and how can they be addressed?
One of the main challenges in remote bug bounty programs is staying motivated and disciplined without direct oversight, as participants often work independently. Additionally, understanding the specific security requirements and scope of each program can be complex, especially when dealing with varied platforms and reporting standards. To overcome these challenges, it's important to set personal goals, join online communities for peer support, and thoroughly review each program's documentation before starting. Effective communication with program coordinators can also help clarify expectations and facilitate successful submissions.
What is the difference between Remote Bug Bounty Program vs Remote Penetration Tester?
| Aspect | Remote Bug Bounty Program | Remote Penetration Tester |
|---|---|---|
| Credentials | Typically no formal certifications required, but cybersecurity knowledge helps | Often holds certifications like OSCP, CEH, or CISSP |
| Work Environment | Participates remotely, often independently, on various platforms | Works remotely or on-site for clients, conducting security assessments |
| Employer & Industry Usage | Used by companies to crowdsource security testing; industry-wide | Employed by organizations or consulting firms to perform security audits |
While both roles focus on cybersecurity, a Remote Bug Bounty Program involves independent testing on platforms to find vulnerabilities, whereas a Remote Penetration Tester conducts comprehensive security assessments for organizations, often with formal credentials and direct client engagement.
What are the key skills and qualifications needed to thrive in a Remote Bug Bounty Program role, and why are they important?
To thrive in a Remote Bug Bounty Program role, you need a strong background in cybersecurity, vulnerability assessment, and ethical hacking, often supported by experience in penetration testing and security certifications like OSCP or CEH. Familiarity with tools such as Burp Suite, Nmap, Metasploit, and various bug bounty platforms is essential. Attention to detail, persistence, effective communication, and self-motivation are standout soft skills for this position. These abilities are crucial for identifying and responsibly reporting security vulnerabilities that help organizations strengthen their defenses.
More about Remote Bug Bounty Program jobs
What cities are hiring for Remote Bug Bounty Program jobs? Cities with the most Remote Bug Bounty Program job openings:
What are the most commonly searched types of Bug Bounty Program jobs? The most popular types of Bug Bounty Program jobs are:
What states have the most Remote Bug Bounty Program jobs? States with the most job openings for Remote Bug Bounty Program jobs include:
What job categories do people searching Remote Bug Bounty Program jobs look for? The top searched job categories for Remote Bug Bounty Program jobs are:
Job description
Job Summary:
Assured is on a mission to modernize insurance by providing large insurers with software solutions for claims processing. The Staff Security Engineer will scale and mature security across the platform, working closely with engineering and product teams to embed security in software development and operations.
Responsibilities:
• Lead security architecture and design reviews across applications, infrastructure, and integrations to ensure secure patterns are embedded early in the development lifecycle.
• Conduct and coordinate penetration testing, threat modeling, and security reviews for critical services, new features, and third-party integrations.
• Design and implement security automation within CI/CD pipelines to ensure secure coding practices and infrastructure policies are enforced at scale.
• Partner with infrastructure and DevOps teams to secure cloud platforms (AWS) and improve identity, network, and workload security.
• Build security observability and detection capabilities, including security data pipelines, SIEM integrations, and threat intelligence signals.
• Think like an attacker—identify systemic weaknesses and design controls that protect against entire classes of attacks, not just individual vulnerabilities.
• Work closely with developers to improve security practices through secure architecture guidance, code review support, and developer enablement.
• Lead incident response investigations and help build processes for identifying, analyzing, and mitigating security incidents.
• Own and evolve the bug bounty program, including triage, response processes, and improvements to vulnerability management workflows.
• Develop security standards, playbooks, and training programs that make security practices easier for engineering teams to adopt.
• Help define the security roadmap, identifying initiatives that improve both risk posture and operational efficiency.
Qualifications:
Required:
• Deep understanding of application security, cloud security, and modern threat landscapes, including common vulnerabilities and attack techniques (OWASP Top 10, MITRE ATT&CK, etc.)
• Strong software engineering background with experience writing production-grade code or automation (Python, Typescript, or similar)
• Hands-on experience securing cloud-native infrastructure, especially AWS, including IAM, networking, and containerized workloads
• Experience building or integrating DevSecOps pipelines, including SAST, DAST, IaC scanning, and container security tooling
• Experience designing security telemetry pipelines using tools such as SIEM platforms, observability systems, or data lakes
• Experience running or participating in penetration testing, threat modeling, or architectural security reviews
• Proven ability to collaborate effectively with engineering, DevOps, and product teams to drive secure design decisions
• Excellent communication skills and the ability to clearly explain complex security risks and trade-offs to both technical and non-technical stakeholders
• Strong understanding of SaaS architectures, distributed systems, and internet-facing platforms
• Experience developing security frameworks aligned with CIS benchmarks, NIST, or SOC2 / PCI / HIPAA compliance requirements
• Experience building security detections, threat intelligence pipelines, or runtime protection mechanisms
• Hands-on experience with Kubernetes, container security, and infrastructure-as-code (Terraform, Ansible)
Company:
**We have been made aware of individuals falsely posing as recruiters from Assured Insurance Technologies Inc. Founded in 2019, the company is headquartered in Palo Alto, USA, with a team of 51-200 employees. The company is currently Growth Stage.
Assured is on a mission to modernize insurance by providing large insurers with software solutions for claims processing. The Staff Security Engineer will scale and mature security across the platform, working closely with engineering and product teams to embed security in software development and operations.
Responsibilities:
• Lead security architecture and design reviews across applications, infrastructure, and integrations to ensure secure patterns are embedded early in the development lifecycle.
• Conduct and coordinate penetration testing, threat modeling, and security reviews for critical services, new features, and third-party integrations.
• Design and implement security automation within CI/CD pipelines to ensure secure coding practices and infrastructure policies are enforced at scale.
• Partner with infrastructure and DevOps teams to secure cloud platforms (AWS) and improve identity, network, and workload security.
• Build security observability and detection capabilities, including security data pipelines, SIEM integrations, and threat intelligence signals.
• Think like an attacker—identify systemic weaknesses and design controls that protect against entire classes of attacks, not just individual vulnerabilities.
• Work closely with developers to improve security practices through secure architecture guidance, code review support, and developer enablement.
• Lead incident response investigations and help build processes for identifying, analyzing, and mitigating security incidents.
• Own and evolve the bug bounty program, including triage, response processes, and improvements to vulnerability management workflows.
• Develop security standards, playbooks, and training programs that make security practices easier for engineering teams to adopt.
• Help define the security roadmap, identifying initiatives that improve both risk posture and operational efficiency.
Qualifications:
Required:
• Deep understanding of application security, cloud security, and modern threat landscapes, including common vulnerabilities and attack techniques (OWASP Top 10, MITRE ATT&CK, etc.)
• Strong software engineering background with experience writing production-grade code or automation (Python, Typescript, or similar)
• Hands-on experience securing cloud-native infrastructure, especially AWS, including IAM, networking, and containerized workloads
• Experience building or integrating DevSecOps pipelines, including SAST, DAST, IaC scanning, and container security tooling
• Experience designing security telemetry pipelines using tools such as SIEM platforms, observability systems, or data lakes
• Experience running or participating in penetration testing, threat modeling, or architectural security reviews
• Proven ability to collaborate effectively with engineering, DevOps, and product teams to drive secure design decisions
• Excellent communication skills and the ability to clearly explain complex security risks and trade-offs to both technical and non-technical stakeholders
• Strong understanding of SaaS architectures, distributed systems, and internet-facing platforms
• Experience developing security frameworks aligned with CIS benchmarks, NIST, or SOC2 / PCI / HIPAA compliance requirements
• Experience building security detections, threat intelligence pipelines, or runtime protection mechanisms
• Hands-on experience with Kubernetes, container security, and infrastructure-as-code (Terraform, Ansible)
Company:
**We have been made aware of individuals falsely posing as recruiters from Assured Insurance Technologies Inc. Founded in 2019, the company is headquartered in Palo Alto, USA, with a team of 51-200 employees. The company is currently Growth Stage.