Product Security Engineer
$45 - $50/hr
Prior participation in bug bounty programs as a researcher. Familiarity with OWASP Top 10, CWE taxonomy, and CVE assignment processes. Background working within a large enterprise or SaaS security ...
$45 - $50/hr
Prior participation in bug bounty programs as a researcher. Familiarity with OWASP Top 10, CWE taxonomy, and CVE assignment processes. Background working within a large enterprise or SaaS security ...
$45 - $50/hr
Prior participation in bug bounty programs as a researcher. Familiarity with OWASP Top 10, CWE taxonomy, and CVE assignment processes. Background working within a large enterprise or SaaS security ...
$45 - $50/hr
Prior participation in bug bounty programs as a researcher. Familiarity with OWASP Top 10, CWE taxonomy, and CVE assignment processes. Background working within a large enterprise or SaaS security ...
$45 - $50/hr
Prior participation in bug bounty programs as a researcher. Familiarity with OWASP Top 10, CWE taxonomy, and CVE assignment processes. Background working within a large enterprise or SaaS security ...
Foster City, CA · On-site
$180K - $325K/yr
... bug bounty programs (HackerOne ideally). * Strong ability to triage, validate, and reproduce vulnerabilities independently. * Deep understanding of web/app/cloud vulnerability classes, OWASP Top 10, ...
Foster City, CA · On-site
$180K - $325K/yr
... bug bounty programs (HackerOne ideally). * Strong ability to triage, validate, and reproduce vulnerabilities independently. * Deep understanding of web/app/cloud vulnerability classes, OWASP Top 10, ...
OR · On-site +1
Contribute to our vulnerability management program, including triaging bug bounty and vulnerability ... Strong understanding of modern application security principles, OWASP Top 10, and secure SDLC ...
OR · On-site +1
Contribute to our vulnerability management program, including triaging bug bounty and vulnerability ... Strong understanding of modern application security principles, OWASP Top 10, and secure SDLC ...
Chicago, IL · On-site
$60.50 - $80.75/hr
Close the loop by feeding bounty findings back into secure code review, threat models, and CI/CD checks so the same class of bug doesn't recur. * Track program health and report on trends, top ...
Chicago, IL · On-site
$60.50 - $80.75/hr
Close the loop by feeding bounty findings back into secure code review, threat models, and CI/CD checks so the same class of bug doesn't recur. * Track program health and report on trends, top ...
Cincinnati, OH · Remote
$148K - $166K/yr
ESSENTIAL DUTIES & RESPONSIBILITIES: · VDP & Bug Bounty Triage o Review and triage vulnerability ... OWASP Top 10). · Experience with vulnerability triage, validation, and prioritization. · ...
Quick apply
Cincinnati, OH · Remote
$148K - $166K/yr
ESSENTIAL DUTIES & RESPONSIBILITIES: · VDP & Bug Bounty Triage o Review and triage vulnerability ... OWASP Top 10). · Experience with vulnerability triage, validation, and prioritization. · ...
San Francisco, CA · On-site
Strong knowledge of OWASP Top 10 , SANS 25 , and NIST standards * Hands-on with secure coding reviews and CICD DevSecOps integration * Experience in Red Teaming and bug bounty programs preferred ...
Quick apply
Apply Early
San Francisco, CA · On-site
Strong knowledge of OWASP Top 10 , SANS 25 , and NIST standards * Hands-on with secure coding reviews and CICD DevSecOps integration * Experience in Red Teaming and bug bounty programs preferred ...
Apply Early
San Francisco, CA · On-site
Collectively, we've led security at some of the world's largest companies and published AI research at Stanford. * CEO Jack Cable is a top-ranked bug bounty hunter who previously led Secure by Design ...
San Francisco, CA · On-site
Collectively, we've led security at some of the world's largest companies and published AI research at Stanford. * CEO Jack Cable is a top-ranked bug bounty hunter who previously led Secure by Design ...
$117K - $160K/yr
Contribute to our vulnerability management program, including triaging bug bounty and vulnerability ... Strong understanding of modern application security principles, OWASP Top 10, and secure SDLC ...
$117K - $160K/yr
Contribute to our vulnerability management program, including triaging bug bounty and vulnerability ... Strong understanding of modern application security principles, OWASP Top 10, and secure SDLC ...
New York, NY · On-site
$130K - $400K/yr
Bug bounty program operations - triaging HackerOne reports, validating findings, and driving fixes ... OWASP Top 10 is baseline, you think in terms of attack chains and business logic flaws * Strong in ...
New York, NY · On-site
$130K - $400K/yr
Bug bounty program operations - triaging HackerOne reports, validating findings, and driving fixes ... OWASP Top 10 is baseline, you think in terms of attack chains and business logic flaws * Strong in ...
San Francisco, CA · On-site
$150K - $300K/yr
About Us * CEO Jack Cable is a top-ranked bug bounty hunter who previously led Secure by Design at CISA. * CTO Ashwin Ramaswami is an engineer who has built large-scale systems at Skiff, Caldera, and ...
San Francisco, CA · On-site
$150K - $300K/yr
About Us * CEO Jack Cable is a top-ranked bug bounty hunter who previously led Secure by Design at CISA. * CTO Ashwin Ramaswami is an engineer who has built large-scale systems at Skiff, Caldera, and ...
$60.25 - $80.25/hr
Triage vulnerabilities from the bug bounty program, collaborating with external researchers and ... Comprehensive understanding of common web vulnerabilities (e.g., OWASP Top 10) and their practical ...
$60.25 - $80.25/hr
Triage vulnerabilities from the bug bounty program, collaborating with external researchers and ... Comprehensive understanding of common web vulnerabilities (e.g., OWASP Top 10) and their practical ...
Miami, FL · On-site
Background in bug bounty programs or red teaming * Familiarity with AI or machine learning evaluation workflows Why Join Us * Work directly on cutting-edge AI projects with top research labs * Fully ...
Miami, FL · On-site
Background in bug bounty programs or red teaming * Familiarity with AI or machine learning evaluation workflows Why Join Us * Work directly on cutting-edge AI projects with top research labs * Fully ...
Pittsburgh, PA · On-site
$110K - $120K/yr
Apply and promote secure coding standards aligned to OWASP and SANS CWE Top 25, and contribute to ... Driving additional Bug Bounty submissions and improve bot management turning & protections prior to ...
Pittsburgh, PA · On-site
$110K - $120K/yr
Apply and promote secure coding standards aligned to OWASP and SANS CWE Top 25, and contribute to ... Driving additional Bug Bounty submissions and improve bot management turning & protections prior to ...
San Francisco, CA · On-site
$160K - $240K/yr
Best in Business, and LinkedIn Top Startups. Your Role The Security team at Zip is responsible for ... Validate, triage, and coordinate security findings from bug bounty, third-party pentests, and cloud ...
San Francisco, CA · On-site
$160K - $240K/yr
Best in Business, and LinkedIn Top Startups. Your Role The Security team at Zip is responsible for ... Validate, triage, and coordinate security findings from bug bounty, third-party pentests, and cloud ...
Pittsburgh, PA · On-site
$110K - $120K/yr
Description About Wolfe Recognized among Pittsburgh's 2024 Top Workplaces and Fastest-Growing ... Driving additional Bug Bounty submissions and improve bot management turning & protections prior to ...
Quick apply
Apply Early
Pittsburgh, PA · On-site
$110K - $120K/yr
Description About Wolfe Recognized among Pittsburgh's 2024 Top Workplaces and Fastest-Growing ... Driving additional Bug Bounty submissions and improve bot management turning & protections prior to ...
Apply Early
Pittsburgh, PA · On-site
$110K - $120K/yr
Apply and promote secure coding standards aligned to OWASP and SANS CWE Top 25, and contribute to ... Driving additional Bug Bounty submissions and improve bot management turning & protections prior to ...
Pittsburgh, PA · On-site
$110K - $120K/yr
Apply and promote secure coding standards aligned to OWASP and SANS CWE Top 25, and contribute to ... Driving additional Bug Bounty submissions and improve bot management turning & protections prior to ...
Through solutions like bug bounty, vulnerability disclosure, agentic pentesting, AI red teaming ... top organizations. HackerOne Values HackerOne is dedicated to fostering a strong and inclusive ...
Through solutions like bug bounty, vulnerability disclosure, agentic pentesting, AI red teaming ... top organizations. HackerOne Values HackerOne is dedicated to fostering a strong and inclusive ...
Active Top Secret (TS) clearance with eligibility for Sensitive Compartmented Information (SCI) and ... Participation in capture the flag exercises, bug bounty programs, and security conferences
Active Top Secret (TS) clearance with eligibility for Sensitive Compartmented Information (SCI) and ... Participation in capture the flag exercises, bug bounty programs, and security conferences
San Francisco, CA · On-site
$134K - $185K/yr
Mature and scale our Secure SDLC and bug bounty programs to keep pace with a rapidly growing ... You have a deep understanding of web and API security principles (OWASP Top 10) and have experience ...
San Francisco, CA · On-site
$134K - $185K/yr
Mature and scale our Secure SDLC and bug bounty programs to keep pace with a rapidly growing ... You have a deep understanding of web and API security principles (OWASP Top 10) and have experience ...

$45 - $50/hr
Contractor
Medical, Dental, Vision, Life, Retirement, PTO
Posted 13 days ago
Description
About the Role
Product Security Engineer to support our Bug Bounty program on a 6-month contract engagement, backfilling a team member on leave. You will be the frontline responder for external vulnerability reports submitted through the program, working closely with internal engineering and security teams to ensure timely, accurate triage and resolution.
Responsibilities
Triage incoming vulnerability reports submitted via the bug bounty platform, assessing validity, impact, and scope.
Assign CVSS scores and severity ratings accurately, following Adobe’s internal severity guidelines and industry standards.
Reproduce proof-of-concept (PoC) exploits to validate reported vulnerabilities across web, API, and mobile surfaces.
Communicate clearly and professionally with external researchers: request clarifications, provide status updates, and manage expectations.
Coordinate with product engineering teams to route confirmed vulnerabilities for remediation.
Identify duplicate, out-of-scope, or informational reports and close them with clear, respectful explanations.
Contribute to internal documentation, triage runbooks, and severity calibration guidelines.
Flag systemic or critical findings to Bug Bounty team for escalation as needed.
Required Qualifications
3+ years of experience in application security, penetration testing, or a bug bounty / vulnerability disclosure role.
Strong understanding of CVSS v3.1 scoring and hands-on experience applying it to real-world vulnerabilities.
Proficiency in common web vulnerability classes: XSS, SQL injection, SSRF, IDOR, authentication flaws, and business logic issues.
Ability to reproduce and validate PoC exploits using tools such as Burp Suite, browser DevTools, curl, and custom scripts.
Familiarity with bug bounty platforms (e.g., HackerOne, Bugcrowd) and responsible disclosure processes.
Solid written communication skills — able to write clear, constructive responses to researchers of all skill levels.
Familiarity with attacker techniques used by external researchers against LLM systems and generative AI products.
Knowledge of application security vulnerabilities (OWASP Top 10) and mitigation techniques.
Skills
Application security, cvss, hackerone, owasp 10 frameworks, security testing, ai vulnerabilities, ai expertise, owasp 10 LLM
Top Skills Details
Application security,cvss,hackerone,owasp 10 frameworks,security testing
Additional Skills & Qualifications
Experience with cloud environments (AWS, Azure, GCP) and API security testing.
Hands-on experience in penetration testing of AI/ML and LLM-powered products, including chat interfaces, agentic workflows, and inference APIs.
Prior participation in bug bounty programs as a researcher.
Familiarity with OWASP Top 10, CWE taxonomy, and CVE assignment processes.
Background working within a large enterprise or SaaS security organization.
Job Type & LocationThis is a Contract position based out of Lehi, UT.
Pay and BenefitsThe pay range for this position is $45.00 - $50.00/hr.
Eligibility requirements apply to some benefits and may depend on your job
classification and length of employment. Benefits are subject to change and may be
subject to specific elections, plan, or program terms. If eligible, the benefits
available for this temporary role may include the following:
• Medical, dental & vision
• Critical Illness, Accident, and Hospital
• 401(k) Retirement Plan – Pre-tax and Roth post-tax contributions available
• Life Insurance (Voluntary Life & AD&D for the employee and dependents)
• Short and long-term disability
• Health Spending Account (HSA)
• Transportation benefits
• Employee Assistance Program
• Time Off/Leave (PTO, Vacation or Sick Leave)
This is a hybrid position in Lehi,UT.
Application DeadlineThis position is anticipated to close on Jun 30, 2026.
About TEKsystemsWe're partners in transformation. We help clients activate ideas and solutions to take advantage of a new world of opportunity. We are a team of 80,000 strong, working with over 6,000 clients, including 80% of the Fortune 500, across North America, Europe and Asia. As an industry leader in Full-Stack Technology Services, Talent Services, and real-world application, we work with progressive leaders to drive change. That's the power of true partnership. TEKsystems is an Allegis Group company.
The company is an equal opportunity employer and will consider all applications without regards to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.
About TEKsystems and TEKsystems Global ServicesWe’re a leading provider of business and technology services. We accelerate business transformation for our customers. Our expertise in strategy, design, execution and operations unlocks business value through a range of solutions. We’re a team of 80,000 strong, working with over 6,000 customers, including 80% of the Fortune 500 across North America, Europe and Asia, who partner with us for our scale, full-stack capabilities and speed. We’re strategic thinkers, hands-on collaborators, helping customers capitalize on change and master the momentum of technology. We’re building tomorrow by delivering business outcomes and making positive impacts in our global communities. TEKsystems and TEKsystems Global Services are Allegis Group companies. Learn more at TEKsystems.com.
The company is an equal opportunity employer and will consider all applications without regard to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.
San Francisco Fair Chance Ordinance: Pursuant to the San Francisco Fair Chance Ordinance, for all positions located in the city and county of San Francisco, we will consider for employment qualified applicants with arrest and conviction records.
Massachusetts Lie Detector: It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.
Use of Artificial Intelligence (AI): We may use Artificial Intelligence (AI) to support parts of our hiring process, including sourcing, screening, and evaluating candidates. AI helps assess applications and qualifications, but final decisions are made by our hiring team. By applying, you acknowledge and agree that your application may be reviewed using AI tools.