You'll bring depth in security fundamentals and program design as a member of a small, high ... Contribute to SDLC tooling, SAST/SCA workflows, and bug bounty triage as the team's work demands.
You'll bring depth in security fundamentals and program design as a member of a small, high ... Contribute to SDLC tooling, SAST/SCA workflows, and bug bounty triage as the team's work demands.
$88K - $121K/yr
... or bug bounty programs is considered an advantage. Benefits * Competitive compensation package ... Fully remote work option for eligible candidates. * Flexible and collaborative international work ...
$88K - $121K/yr
... or bug bounty programs is considered an advantage. Benefits * Competitive compensation package ... Fully remote work option for eligible candidates. * Flexible and collaborative international work ...
Senior Product Security Engineer
$117K - $160K/yr
... through CVEs, bug bounty awards, published research, or prior work experience • Ability to ... building security programs or practices at hyper-growth startups • Background with cloud ...
Senior Product Security Engineer
$117K - $160K/yr
... through CVEs, bug bounty awards, published research, or prior work experience • Ability to ... building security programs or practices at hyper-growth startups • Background with cloud ...
Director, Product Security
Buffalo, NY · Remote
Manage and coordinate external penetration testing and bug bounty programs focused on ACV ... Maintain strong communication channels with remote team members, ensuring alignment and fostering a ...
Director, Product Security
Buffalo, NY · Remote
Manage and coordinate external penetration testing and bug bounty programs focused on ACV ... Maintain strong communication channels with remote team members, ensuring alignment and fostering a ...
Director, Product Security
Buffalo, NY · Remote
Manage and coordinate external penetration testing and bug bounty programs focused on ACV ... Maintain strong communication channels with remote team members, ensuring alignment and fostering a ...
Director, Product Security
Buffalo, NY · Remote
Manage and coordinate external penetration testing and bug bounty programs focused on ACV ... Maintain strong communication channels with remote team members, ensuring alignment and fostering a ...
Director, Product Security
Buffalo, NY · Remote
Manage and coordinate external penetration testing and bug bounty programs focused on ACV ... Maintain strong communication channels with remote team members, ensuring alignment and fostering a ...
Director, Product Security
Buffalo, NY · Remote
Manage and coordinate external penetration testing and bug bounty programs focused on ACV ... Maintain strong communication channels with remote team members, ensuring alignment and fostering a ...
Senior Application Security Engineer (Remote)
$117K - $160K/yr
Experience submitting to bug bounty programs or responsible disclosure programs Compensation The expected salary range for this role is $192,000 - $240,000. However, the starting base pay will depend ...
Senior Application Security Engineer (Remote)
$117K - $160K/yr
Experience submitting to bug bounty programs or responsible disclosure programs Compensation The expected salary range for this role is $192,000 - $240,000. However, the starting base pay will depend ...
Principal Application Security Engineer
$177K - $225K/yr
This role can be fully remote and must reside in US. In this role, you will help us drive our ... Drive our security assessment, penetration testing and bug bounty programs * Participate in ...
Principal Application Security Engineer
$177K - $225K/yr
This role can be fully remote and must reside in US. In this role, you will help us drive our ... Drive our security assessment, penetration testing and bug bounty programs * Participate in ...
Respond to and triage reports from bug bounty programs. Minimum Qualifications * B.S. or M.S. in Computer Science, a related technical field, or equivalent experience. * 3+ years of experience in ...
Respond to and triage reports from bug bounty programs. Minimum Qualifications * B.S. or M.S. in Computer Science, a related technical field, or equivalent experience. * 3+ years of experience in ...
Sr. Security Engineer (Penetration Testing)
OR · Remote
$100K - $180K/yr
Participated in bug bounty programs and audit contests * Published security-related blog posts and ... LI-Remote #blockchain #startups #hiring CertiK is proud to offer medical, vision, and dental ...
Quick apply
Sr. Security Engineer (Penetration Testing)
OR · Remote
$100K - $180K/yr
Participated in bug bounty programs and audit contests * Published security-related blog posts and ... LI-Remote #blockchain #startups #hiring CertiK is proud to offer medical, vision, and dental ...
Sr/Staff Security Engineer
$117K - $160K/yr
Conduct or coordinate penetration tests, red team exercises, and bug bounty triage; drive ... Fully remote company * Flexible PTO
Sr/Staff Security Engineer
$117K - $160K/yr
Conduct or coordinate penetration tests, red team exercises, and bug bounty triage; drive ... Fully remote company * Flexible PTO
Sr. Security Engineer (Penetration Testing)
$100K - $180K/yr
Participated in bug bounty programs and audit contests * Published security-related blog posts and ... LI-Remote #blockchain #startups #hiring CertiK is proud to offer medical, vision, and dental ...
Sr. Security Engineer (Penetration Testing)
$100K - $180K/yr
Participated in bug bounty programs and audit contests * Published security-related blog posts and ... LI-Remote #blockchain #startups #hiring CertiK is proud to offer medical, vision, and dental ...
You have experience running or participating in bug bounty programs (HackerOne, Bugcrowd, etc.). * You have worked in a regulated financial services, fintech, or crypto environment. * You have ...
You have experience running or participating in bug bounty programs (HackerOne, Bugcrowd, etc.). * You have worked in a regulated financial services, fintech, or crypto environment. * You have ...
You have experience running or participating in bug bounty programs (HackerOne, Bugcrowd, etc.). * You have worked in a regulated financial services, fintech, or crypto environment. * You have ...
Quick apply
You have experience running or participating in bug bounty programs (HackerOne, Bugcrowd, etc.). * You have worked in a regulated financial services, fintech, or crypto environment. * You have ...
Product Security Engineering Manager
$176K - $242K/yr
Previous experience managing, triaging, or actively participating in Bug Bounty programs * A background in building "paved roads" or secure-by-default internal libraries to eliminate entire classes ...
Product Security Engineering Manager
$176K - $242K/yr
Previous experience managing, triaging, or actively participating in Bug Bounty programs * A background in building "paved roads" or secure-by-default internal libraries to eliminate entire classes ...
Staff Application Security Engineer
Glendale, CA · On-site +1
$62.25 - $83.25/hr
Participate in and help scale internal security assessments, penetration testing, and bug bounty programs. * Tooling Ownership: Evaluate, prototype, implement, and operate security tools including ...
Staff Application Security Engineer
Glendale, CA · On-site +1
$62.25 - $83.25/hr
Participate in and help scale internal security assessments, penetration testing, and bug bounty programs. * Tooling Ownership: Evaluate, prototype, implement, and operate security tools including ...
Senior Penetration Testing Engineer
Irving, TX · On-site +1
$109K - $150K/yr
Experience with bug bounty programs, including platforms such as HackerOne and Bugcrowd. * Knowledge of regulatory frameworks, including PCI DSS, HIPAA, and NIST standards. * Interest in and ...
Senior Penetration Testing Engineer
Irving, TX · On-site +1
$109K - $150K/yr
Experience with bug bounty programs, including platforms such as HackerOne and Bugcrowd. * Knowledge of regulatory frameworks, including PCI DSS, HIPAA, and NIST standards. * Interest in and ...
Founding Account Executive
San Francisco, CA · On-site +1
$300K/yr
Hybrid preferred; remote considered for highly relevant candidates Industry: Application Security ... Founded by experienced security practitioners with backgrounds in red teaming, bug bounty, and ...
Founding Account Executive
San Francisco, CA · On-site +1
$300K/yr
Hybrid preferred; remote considered for highly relevant candidates Industry: Application Security ... Founded by experienced security practitioners with backgrounds in red teaming, bug bounty, and ...
Senior Penetration Testing Engineer
Irving, TX · On-site +1
$109K - $150K/yr
Experience with bug bounty programs, including platforms such as HackerOne and Bugcrowd. * Knowledge of regulatory frameworks, including PCI DSS, HIPAA, and NIST standards. * Interest in and ...
Senior Penetration Testing Engineer
Irving, TX · On-site +1
$109K - $150K/yr
Experience with bug bounty programs, including platforms such as HackerOne and Bugcrowd. * Knowledge of regulatory frameworks, including PCI DSS, HIPAA, and NIST standards. * Interest in and ...
... remote assets. * Vulnerability management. Triage, prioritization, remediation tracking, and ... Experience standing up or running a vulnerability disclosure program or bug bounty, triage ...
... remote assets. * Vulnerability management. Triage, prioritization, remediation tracking, and ... Experience standing up or running a vulnerability disclosure program or bug bounty, triage ...
Remote Bug Bounty Program information
See salary details
$16.35 - $22.01
6% of jobs
$22.01 - $27.67
14% of jobs
$31.30 is the 25th percentile. Wages below this are outliers.
$27.67 - $33.33
7% of jobs
$33.33 - $38.99
1% of jobs
$38.99 - $44.65
13% of jobs
The median wage is $47.88 / hr.
$44.65 - $50.31
15% of jobs
$50.31 - $55.97
3% of jobs
$55.97 - $61.63
9% of jobs
$65.30 is the 75th percentile. Wages above this are outliers.
$61.63 - $67.29
11% of jobs
$67.29 - $72.95
15% of jobs
$72.95 - $78.61
6% of jobs
$16
$49
$78
How much do remote bug bounty program jobs pay per hour?
As of Jun 21, 2026, the average hourly pay for remote bug bounty program in the United States is $49.60, according to ZipRecruiter salary data. Most workers in this role earn between $31.73 and $66.83 per hour, depending on experience, location, and employer.
What are Remote Bug Bounty Programs?
Remote Bug Bounty Programs are initiatives run by organizations that invite independent security researchers, or 'bug hunters,' to find and report vulnerabilities in their software or systems. These programs are conducted entirely online, allowing participants from around the world to contribute remotely. Companies offer monetary rewards or other incentives for valid and impactful security findings. This approach helps organizations strengthen their security by leveraging a global pool of ethical hackers, while participants gain recognition and compensation for their expertise.
What are the biggest challenges faced by participants in a remote bug bounty program, and how can they be addressed?
One of the main challenges in remote bug bounty programs is staying motivated and disciplined without direct oversight, as participants often work independently. Additionally, understanding the specific security requirements and scope of each program can be complex, especially when dealing with varied platforms and reporting standards. To overcome these challenges, it's important to set personal goals, join online communities for peer support, and thoroughly review each program's documentation before starting. Effective communication with program coordinators can also help clarify expectations and facilitate successful submissions.
What is the difference between Remote Bug Bounty Program vs Remote Penetration Tester?
| Aspect | Remote Bug Bounty Program | Remote Penetration Tester |
|---|---|---|
| Credentials | Typically no formal certifications required, but cybersecurity knowledge helps | Often holds certifications like OSCP, CEH, or CISSP |
| Work Environment | Participates remotely, often independently, on various platforms | Works remotely or on-site for clients, conducting security assessments |
| Employer & Industry Usage | Used by companies to crowdsource security testing; industry-wide | Employed by organizations or consulting firms to perform security audits |
While both roles focus on cybersecurity, a Remote Bug Bounty Program involves independent testing on platforms to find vulnerabilities, whereas a Remote Penetration Tester conducts comprehensive security assessments for organizations, often with formal credentials and direct client engagement.
What are the key skills and qualifications needed to thrive in a Remote Bug Bounty Program role, and why are they important?
To thrive in a Remote Bug Bounty Program role, you need a strong background in cybersecurity, vulnerability assessment, and ethical hacking, often supported by experience in penetration testing and security certifications like OSCP or CEH. Familiarity with tools such as Burp Suite, Nmap, Metasploit, and various bug bounty platforms is essential. Attention to detail, persistence, effective communication, and self-motivation are standout soft skills for this position. These abilities are crucial for identifying and responsibly reporting security vulnerabilities that help organizations strengthen their defenses.
More about Remote Bug Bounty Program jobs
What cities are hiring for Remote Bug Bounty Program jobs? Cities with the most Remote Bug Bounty Program job openings:
What are the most commonly searched types of Bug Bounty Program jobs? The most popular types of Bug Bounty Program jobs are:
What states have the most Remote Bug Bounty Program jobs? States with the most job openings for Remote Bug Bounty Program jobs include:
What job categories do people searching Remote Bug Bounty Program jobs look for? The top searched job categories for Remote Bug Bounty Program jobs are:
Job description
About the Job:
LaunchDarkly's Product Security team is hiring a Product Security Engineer to strengthen how we secure the platform engineers build with every day. You'll bring depth in security fundamentals and program design as a member of a small, high-leverage team with strong engineering instincts.
LaunchDarkly is critical infrastructure. Our security team keeps it safe for the global systems that depend on us. You'll spend most of your time on threat modeling and cloud security posture, with rotating exposure to the rest of the ProdSec surface area. Your work will help developers move fast without sacrificing security, through automation, guidance, and the kind of partnership that makes the secure path the easy one.
You'll report to the Director of Security and work closely with software engineers, product managers, and other security engineers. We expect you to bring a sharp point of view on where AI can take work off the team's plate and make our coverage deeper.
Responsibilities:
Nice to Haves:
Pay:
Target pay ranges based on Geographic Zones* for Level 2:
LaunchDarkly operates from a place of high trust and transparency; we are happy to state the pay range for our open roles to best align with your needs. Exact compensation may vary based on skills, experience, and location.
*Within the United States, our geographic pay zones are defined by counties surrounding major metropolitan areas.
**Restricted Stock Units (RSUs), health, vision, and dental insurance, and mental health benefits in addition to salary.
About LaunchDarkly:
Modern software delivery was supposed to be the foundation for a thriving digital business but reality has proven otherwise. Slow, inefficient development cycles, costly outages, and fragmented customer experiences are preventing developers from building their best software. The LaunchDarkly platform helps developers innovate on new features faster while protecting them with a safety valve to instantly rewind when things go wrong. Developers can target product experiences to any customer segment and maximize the business impact of every feature. And by gradually rolling out new application components, they escape nightmare "big-bang" technology migrations.
The LaunchDarkly platform was built to guide engineers to the next frontier of DevOps by:
At LaunchDarkly, we believe in the power of teams. We're building a team that is humble, open, collaborative, respectful and kind. We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, gender identity, sexual orientation, age, marital status, veteran status, or disability status. LD invites any applicant to review our written Affirmative Action Plan. To do so, contact People Ops at hr@launchdarkly.com.
Do you need a disability accommodation?
Fill out this accommodations request form and someone from our People Operations team will contact you for assistance.
Your safety matters to us. To protect yourself from potential scams, LaunchDarkly recruiters will only contact you from @LaunchDarkly.com email addresses or via LinkedIn from "Verified Recruiter" accounts.Be cautious of emails from other domains. Legitimate LaunchDarkly recruiters will never ask for money, fees, or banking information before making a job offer. LaunchDarkly will never make a job offer without conducting a formal interview process. Our interview process does not involve asking detailed questions by email. If you are ever unsure about a communication that you receive, don't click any links-visit Careers | LaunchDarkly directly for confirmed job openings and links to apply.
Please notify us of any fraudulent representation by sending an email to careers@launchdarkly.com.
LaunchDarkly's Product Security team is hiring a Product Security Engineer to strengthen how we secure the platform engineers build with every day. You'll bring depth in security fundamentals and program design as a member of a small, high-leverage team with strong engineering instincts.
LaunchDarkly is critical infrastructure. Our security team keeps it safe for the global systems that depend on us. You'll spend most of your time on threat modeling and cloud security posture, with rotating exposure to the rest of the ProdSec surface area. Your work will help developers move fast without sacrificing security, through automation, guidance, and the kind of partnership that makes the secure path the easy one.
You'll report to the Director of Security and work closely with software engineers, product managers, and other security engineers. We expect you to bring a sharp point of view on where AI can take work off the team's plate and make our coverage deeper.
Responsibilities:
- Lead threat modeling engagements on the features and services where the risk warrants it.
- Partner with the ProdSec lead to evolve the practice from on-request to repeatable, with clear criteria for when an engagement is worth running.
- Own day-to-day triage of CNAPP findings end to end. Investigate, prioritize, route to service owners, and close the loop. Look for patterns that point to systemic fixes instead of one-off cleanup.
- Contribute to SDLC tooling, SAST/SCA workflows, and bug bounty triage as the team's work demands.
- Partner with product engineering teams as a trusted reviewer. Catch issues early, explain the why, propose paths forward. Say no when needed, with reasons and alternatives.
- Bring AI to your work. Use it to accelerate triage, summarize findings, draft threat models, scan code, and reduce toil. Help the team build durable patterns for safe and effective use, not one-off prompts.
- Push the security floor up over time through documentation, office hours, small tooling improvements, and the kind of compounding work that prevents incidents rather than responds to them.
- You're proactive by default. You'd rather spot drift early and fix the cause than chase symptoms after an incident.
- You believe security is a craft of habits and systems. Small consistent improvements beat heroic one-offs.
- You invest in relationships with the engineering, product, and leadership teams you work with.
- You know security work moves at the speed of trust.
- You're a good partner. You're helpful and direct, you say no with reasons and alternatives, and you don't mistake gatekeeping for rigor.
- You're security-first by background but engineering-curious by nature. You want to understand how the systems work, not just what's wrong with them.
- You treat AI as part of the toolkit. You're skeptical where you should be, aggressive where it pays off, and you want to work somewhere that's serious about both.
- 2 to 4 years of full-time experience in a security-focused role. AppSec, ProdSec, or cloud security preferred.
- Comfortable reading and critiquing pull requests in a modern stack. You don't need to ship production services, but you should follow the code, ask sharp questions, and write small tools when it helps.
- Experience participating in or leading threat modeling exercises. Familiar with at least one structured approach (STRIDE, attack trees, or equivalent).
- Working knowledge of cloud security posture. Exposure to a CNAPP is a strong plus.
- Strong fundamentals: OWASP Top 10, authentication and authorization patterns, secrets management, and common cloud misconfigurations.
- Hands-on experience applying AI tooling to security or engineering work. You can point to specific examples where it changed how you operated.
Nice to Haves:
- Experience with developer tools, SaaS platforms, or feature management
- Bug bounty triage experience (HackerOne, Bugcrowd)
- Familiarity with Go, Python, or TypeScript
- Contributions to internal security tooling or open-source security projects
Pay:
Target pay ranges based on Geographic Zones* for Level 2:
- Zone 1: San Francisco/Bay Area or NYC Metropolitan Area, Boston, Seattle - $136,000 - $187,000**
- Zone 2: Irvine, LA, Monterey, Santa Barbara, Santa Rosa, Austin, Portland, Philadelphia, Chicago - $122,000 - $168,000**
- Zone 3: All other US locations - $116,000 - $159,000**
LaunchDarkly operates from a place of high trust and transparency; we are happy to state the pay range for our open roles to best align with your needs. Exact compensation may vary based on skills, experience, and location.
*Within the United States, our geographic pay zones are defined by counties surrounding major metropolitan areas.
**Restricted Stock Units (RSUs), health, vision, and dental insurance, and mental health benefits in addition to salary.
About LaunchDarkly:
Modern software delivery was supposed to be the foundation for a thriving digital business but reality has proven otherwise. Slow, inefficient development cycles, costly outages, and fragmented customer experiences are preventing developers from building their best software. The LaunchDarkly platform helps developers innovate on new features faster while protecting them with a safety valve to instantly rewind when things go wrong. Developers can target product experiences to any customer segment and maximize the business impact of every feature. And by gradually rolling out new application components, they escape nightmare "big-bang" technology migrations.
The LaunchDarkly platform was built to guide engineers to the next frontier of DevOps by:
- Improving the velocity and stability of software releases, without the fear of end customer outages
- Delivering targeted experiences by easily personalizing features to customer cohorts
- Maximizing the business impact of every feature through the ability to experiment and optimize
- Coordinating the release and optimization of software to provide consistent experiences across mobile platforms and device types
- Improving the effectiveness and productivity of engineering teams, by providing insights into engineering cadence and stability
At LaunchDarkly, we believe in the power of teams. We're building a team that is humble, open, collaborative, respectful and kind. We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, gender identity, sexual orientation, age, marital status, veteran status, or disability status. LD invites any applicant to review our written Affirmative Action Plan. To do so, contact People Ops at hr@launchdarkly.com.
Do you need a disability accommodation?
Fill out this accommodations request form and someone from our People Operations team will contact you for assistance.
Your safety matters to us. To protect yourself from potential scams, LaunchDarkly recruiters will only contact you from @LaunchDarkly.com email addresses or via LinkedIn from "Verified Recruiter" accounts.Be cautious of emails from other domains. Legitimate LaunchDarkly recruiters will never ask for money, fees, or banking information before making a job offer. LaunchDarkly will never make a job offer without conducting a formal interview process. Our interview process does not involve asking detailed questions by email. If you are ever unsure about a communication that you receive, don't click any links-visit Careers | LaunchDarkly directly for confirmed job openings and links to apply.
Please notify us of any fraudulent representation by sending an email to careers@launchdarkly.com.
About LaunchDarkly
Sourced by ZipRecruiter
Industry
Software development
Company size
501 - 1,000 Employees
Headquarters location
Oakland, CA, US
Year founded
2014