Product Security Analyst

Responsibilities

• Evaluate vulnerability reports submitted by security researchers to determine validity, severity, exploitability, and business impact for HackerOne customers using Data-Driven Decision Making and established security frameworks such as CVSS.
• Independently reproduce reported vulnerabilities across web and mobile applications, applying First Principles Problem Solving to validate findings, identify root causes, and clearly communicate impact.
• Collaborate directly with security researchers to gather missing information, clarify technical details, and improve report quality while maintaining clear and professional communication with customers.
• Create concise, technically accurate summaries for validated findings, including reproduction steps, impact analysis, and remediation guidance.
• Demonstrate Change Agility by adapting to evolving customer environments, changing program scopes, emerging attack techniques, and shifting operational priorities.
• Contribute to an AI-First approach by leveraging automation and AI-enabled workflows to improve operational efficiency, report analysis, and vulnerability triage quality.
• Partner cross-functionally with Technical Services teammates and customer-facing teams to ensure timely handling of vulnerabilities and a high-quality customer experience.
• Proactively identify opportunities to improve internal processes, documentation, tooling, and triage

Benefits

Additional Information

HackerOne is a global leader in Continuous Threat Exposure Management (CTEM). The HackerOne Platform unites agentic AI solutions with the ingenuity of the world's largest community of security researchers to continuously discover, validate, prioritize, and remediate exposures across code, cloud, and AI systems. Through solutions like bug bounty, vulnerability disclosure, agentic pentesting, AI red teaming, and code security, HackerOne delivers measurable, continuous reduction of cyber risk for enterprises. Industry leaders, including Anthropic, Crypto.com , General Motors, Goldman Sachs, Lufthansa, Uber, UK Ministry of Defence, and the U.S. Department of Defense, trust HackerOne to safeguard their digital ecosystems. HackerOne was recognized in Gartner's Emerging Tech Impact Radar: AI Cybersecurity Ecosystem report for its leadership in AI Security Testing and has been named a Most Loved Workplace for Young Professionals (2024). HackerOne is at a pivotal inflection point in the security industry. Offensive security is no longer optional - it is the standard for forward-thinking companies that want to build trust and resilience in a world where AI-driven innovation and adversaries are moving faster than ever. With the industry shifting, HackerOne stands apart: we combine the ingenuity of the largest security research community with a best-in-class AI-powered platform, trusted by the world's top organizations. HackerOne Values HackerOne is dedicated to fostering a strong and inclusive culture. HackerOne is Customer Obsessed and prioritizes customer outcomes in our decisions and actions. We Default to Disclosure by operating with transparency and integrity, ensuring trust and accountability. Employees, researchers, customers, and partners Win Together by fostering empowerment, inclusion, respect, and accountability. Product Security Analyst Remote Locations - Boston, MA - Austin, TX - Washington, DC - Seattle, WA - San Francisco Bay Area, CA Position Summary HackerOne is a global leader in offensive security solutions. Our HackerOne Platform combines AI with the ingenuity of the largest community of security researchers to find and fix security, privacy, and AI vulnerabilities across the software development lifecycle. As a Product Security Analyst, you will join HackerOne's Technical Services organization and work directly with some of the world's most skilled security researchers to help customers identify and remediate impactful vulnerabilities. You will play a critical role in validating, reproducing, and communicating security findings across bug bounty and vulnerability disclosure programs while helping maintain a high-quality experience for both customers and hackers. As we continue evolving our AI-powered offensive security platform, this role offers an opportunity to deepen technical expertise in web and mobile application security while collaborating with globally distributed teams and the broader hacker community. At HackerOne, we embrace a Flexible Work approach that gives us the freedom to do our best work while also fostering the connections and community that make us stronger. Reflecting this philosophy, this is a remote role targeted for candidates within ~50 miles of Boston MA, Austin TX, Washington DC, Seattle WA, or San Francisco Bay Area CA. We believe this balance of proximity and flexibility gives Hackeronies the chance to occasionally come together - fostering collaboration, connection, and in-person moments that enrich our culture - while still preserving the benefits of remote work.

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at hackerone? Share your experience