Product Security Analyst, APAC

HackerOne

Pune Onsite
Competitive
Full-time
Security Analyst

Job Description

Join the Offensive Security Revolution at HackerOne as a Product Security Analyst (APAC)!

Are you passionate about cybersecurity and eager to make a real-world impact? At HackerOne, we're leading the charge in offensive security, combining cutting-edge AI with the ingenuity of the world's largest community of security researchers. We help organizations like Amazon, Anthropic, Crypto.com, General Motors, GitHub, Goldman Sachs, Uber, and the U.S. Department of Defense find and fix critical vulnerabilities across their software development lifecycle. Named a Best Workplace for Innovators by Fast Company in 2023 and a Most Loved Workplace for Young Professionals in 2024, we're not just building a platform – we're building a future where trust and resilience are the cornerstones of the digital world.

Offensive security is no longer a nice-to-have; it's a necessity. As adversaries move faster than ever, organizations need proactive solutions to stay ahead of the curve. That's where HackerOne comes in. We're looking for a talented Product Security Analyst (APAC) to join our team and play a pivotal role in ensuring the quality and impact of vulnerability reports submitted by our community.

What You'll Do:
Become a Vulnerability Expert: Evaluate vulnerability reports submitted by hackers, determining their validity, risk, and severity for HackerOne customers.
Collaborate with the Hacker Community: Work with hackers to gather missing information, provide guidance, and educate them on report quality and program policies.
Craft Actionable Insights: Compose technical summaries for valid reports, providing clear and concise details on the impact, steps to reproduce, and remediation advice.
Facilitate Communication: Ensure seamless communication between hackers and customers, fostering a collaborative and efficient environment.
Problem-Solve and Innovate: Proactively identify and resolve issues, embrace delegated tasks, and work collaboratively to achieve team success.
Reproduce and Validate: Independently reproduce reported vulnerabilities in a test environment to confirm their validity and impact.
Uphold Program Integrity: Assess vulnerability findings against program policies, scope, and impact to determine validity.

What You'll Bring:
Experience: 2+ years of professional working experience with vulnerability disclosure and bug bounty programs (managing a bug bounty program is a plus!).
Technical Skills: 3+ years of hands-on experience in security testing or ethical hacking on web and mobile applications.
OWASP Expertise: Strong technical knowledge of the OWASP Top 10 vulnerabilities.
Tool Proficiency: Comfortable using security testing tools like Burp Suite.
Communication Skills: Excellent written and verbal communication skills, with the ability to explain technical concepts clearly and concisely.
Framework Knowledge: Experience using frameworks such as CVSS.
Self-Motivation: Ability to manage your time and energy effectively while maintaining a consistent and sustainable operational rhythm.
Location: This role is based in our Pune office, and you must be able to work 4-5 days a week in the office.
Language: English fluency.

Why HackerOne?

At HackerOne, we live by our values:
Customer Obsessed: We prioritize customer outcomes in everything we do.
Default to Disclosure: We operate with transparency and integrity.
Win Together: We foster empowerment, inclusion, respect, and accountability among employees, researchers, customers, and partners.

We are dedicated to fostering a strong and inclusive culture. We offer a flexible work environment, allowing team members to collaborate effectively while maintaining productivity. This role requires presence in our Pune office.

Compensation & Benefits:
Salary: ₹2.5M – ₹2.8M
Equity: Stock options in a rapidly growing company.
Health & Wellness: Comprehensive health (medical, vision, dental), life, and disability insurance*.
Retirement: Retirement plans to help you plan for the future.
Time Off: Paid public holidays and unlimited PTO.
Family Support: Paid maternity and parental leave.
Leave Options: Leaves of absence (including caregiver leave and leave under CO's Healthy Families and Workplaces Act).
Employee Assistance Program: Access to resources for personal and professional well-being.
Flexible Work Stipend: To support your remote work setup.

*Eligibility may differ by country

We're committed to building a global team! For certain roles outside the United States, U.K., and the Netherlands, we partner with Remote.com as our Employer of Record (EOR).

Visa/work permit sponsorship is not available.

Employment at HackerOne is contingent on a background check.

HackerOne is an Equal Opportunity Employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.
