Senior Security Analyst, India

HackerOne

Full-time On-site
Pune
Competitive
Security Analyst

Job Description

Join the Offensive Security Revolution at HackerOne!
HackerOne is not just a company; we're a force reshaping the cybersecurity landscape. As a global leader in offensive security, we empower organizations to proactively identify and remediate vulnerabilities before they can be exploited. Our unique platform blends the power of AI with the ingenuity of the world's largest community of security researchers, delivering unparalleled protection across the entire software development lifecycle. We offer a comprehensive suite of solutions including bug bounty, vulnerability disclosure, pentesting, AI red teaming, and code security.
We're trusted by industry giants like Amazon, Anthropic, Crypto.com, General Motors, GitHub, Goldman Sachs, Uber, and the U.S. Department of Defense. Recognized as a Best Workplace for Innovators by Fast Company (2023) and a Most Loved Workplace for Young Professionals (2024), HackerOne is where you can make a real impact.
We're at a pivotal moment. With offensive security becoming the new standard, HackerOne stands apart, combining human expertise and cutting-edge AI to secure the world's leading organizations.

Our Values: The HackerOne Way

Customer Obsessed: Customer success drives everything we do.
Default to Disclosure: We champion transparency and integrity in all interactions.
Win Together: We believe in empowerment, inclusion, respect, and accountability to achieve collective success.

Senior Product Security Analyst - Pune, India
Location: Pune, India (In-Office, 4-5 days/week)
Team: Technical Services

Are you a seasoned security professional ready to tackle complex challenges and shape the future of offensive security? HackerOne is seeking a passionate and driven Senior Product Security Analyst to join our growing Technical Services team in Pune, India. This is an exciting opportunity to contribute to the core of our vulnerability triage process, working alongside elite ethical hackers to safeguard our clients.

As a senior member, you'll play a pivotal role in ensuring the accuracy, quality, and consistency of our triage services. You'll mentor junior analysts, lead critical program operations, and work directly with the world's best hackers on high-impact vulnerabilities. If you thrive in a collaborative environment, possess a deep understanding of diverse tech stacks, and are passionate about fostering talent, this role is for you.

Our new Pune office offers a dynamic, in-person environment crucial for building strong relationships, solving problems effectively, and fostering a vibrant community. Remote options are not available for this role as we believe in the power of in-person connection for the challenges we'll tackle together. As a key part of our global team, the Pune office will play a significant role in advancing our culture and mission.

What You'll Do: Dive Deep into Offensive Security

Evaluate vulnerability reports submitted by hackers, determining their validity, severity, and relevance.
Take ownership of complex, high-priority reports, ensuring accurate reproduction, impact assessment, and remediation guidance.
Collaborate with hackers and customers to drive clarity and facilitate effective vulnerability resolution.
Mentor junior analysts, sharing expertise, guiding reproductions, and fostering a learning environment.
Lead triage operations for high-value customer programs, ensuring SLAs, quality metrics, and customer satisfaction.
Upskill team members on emerging attack vectors, tools, and best practices through internal training.
Work across diverse tech stacks (web, mobile, APIs, cloud), ensuring technical excellence across all vulnerability reports.
Identify process improvements and contribute to internal projects that enhance triage workflows, tooling, and efficiency.
Proactively assist in backlog management, quality control, and escalation handling for critical vulnerabilities.
Act as a technical point of contact for program-specific escalations and process clarifications.

Minimum Qualifications: Your Arsenal of Skills

5+ years of hands-on experience in application security, security testing, or ethical hacking across web, mobile, and/or cloud environments.
Experience leading high-profile customers.
Deep understanding of OWASP Top 10 and technical knowledge of various vulnerability classes.
Proven experience triaging, reproducing, or responding to vulnerability reports (bug bounty or VDP).
Proficiency with tools like Burp Suite, browser developer tools, and command-line utilities.
Demonstrated ability to handle and break down complex vulnerability reports.
Strong written and verbal communication skills to collaborate effectively with hackers and customers.
Experience using vulnerability classification frameworks like CVSS or VEX.
Proven ability to mentor or lead peers or junior analysts in a team setting.
Self-motivated and organized, with the ability to manage dynamic workloads and shifting priorities.
Comfortable leading customer-facing triage workflows and discussions.
Fluent in English.
Ready to work in EMEA shift / flexible shifts.

At HackerOne, we're united by a passion for our mission and a commitment to working together to create a safer world.

Nice to Have: Level Up Your Game

Experience leading or managing security programs (VDPs or bug bounty).
Exposure to cloud platforms (AWS, GCP, Azure) and relevant security implications.
Familiarity with scripting or automation (Python, Bash, etc.) for security tooling or data handling.
Previous experience in mentoring or team leadership roles in security teams.

Compensation & Benefits: Invest in Your Future
Compensation Ranges: INR 3,064,000 to 3,447,000 annually
Benefits:

Health (medical, vision, dental), life, and disability insurance*
Equity stock options
Retirement plans
Paid public holidays and unlimited PTO
Paid maternity and parental leave
Leaves of absence (including caregiver leave and leave under CO's Healthy Families and Workplaces Act)
Employee Assistance Program
Flexible Work Stipend

*Eligibility may differ by country

We're committed to building a global team! For certain roles outside the United States, U.K., and the Netherlands, we partner with Remote.com as our Employer of Record (EOR).

Visa/work permit sponsorship is not available.

Employment at HackerOne is contingent on a background check.

HackerOne is an Equal Opportunity Employer, committed to diversity and inclusion in the workplace. We do not discriminate based on race, color, religion, sex, sexual orientation, age, gender identity or gender expression, national origin, pregnancy, disability or veteran status, or any other protected characteristic as outlined by international, federal, state, or local laws.

This policy applies to all HackerOne employment practices, including hiring, recruiting, promotion, termination, layoff, recall, leave of absence, compensation, benefits, training, and apprenticeship. HackerOne makes hiring decisions based solely on qualifications, merit, and business needs at the time.

For US based roles only: Pursuant to the San Francisco Fair Chance Ordinance, all qualified applicants with arrest and conviction records will be considered for the position.