Lead both the internal and public bug bounty programs, including strategic planning, managing the bounty platform, interfacing with researchers, collaborating with the communications team, and measuring and reporting on the program
Oversee the end-to-end report lifecycle of security disclosures: from triage to resolution, including root cause analysis, and guiding internal remediation
Work closely with the appropriate stakeholders across departments to help them understand the risks, track remediation timelines, and set priorities to ensure multiple disclosures are remediated in parallel across multiple teams within the defined SLAs
Identify and drive improvements in our S-SDLC by monitoring vulnerability disclosures for patterns and by keeping current on popular trends in the security research community.
Build and handle the mitigations for moving cross-functional software projects, initiatives, and solutions to final delivery and implementation
Develop new and adapt existing project plans, processes and communication flows and collaboratively improve them to ensure success
Requirements
You bring an educational or practical background in software development and business.
Excellent communication skills, and the ability to effectively communicate at all levels of the company
A firm understanding of common vulnerabilities like those outlined by OWASP
You have demonstrated the ability both to work autonomously and to successfully handle remote stakeholder relationships
A firm understanding of concepts around various software and architectural vulnerabilities and software development at scale
Proven ability to understand the big picture and quickly comprehend complex relationships in dynamic organizations
Familiarity with secure software development lifecycle concepts
Previous bug bounty program management experience is a plus
Fluency in English rounds out your profile
What we offer
International environment and attractive workplace
Freedom for personal organization and the possibility of attaining real results as part of a fantastic team
A good work-life balance, home office opportunities, flexible working times and no time recording
Innovative and fast-growing company with the financial stability of a profitable company
Room for creativity and contributions in a technically diverse environment: Windows, Linux, macOS, Mobile (iOS/Android), C++, C#, Continuous Integration, Continuous Delivery
Learning opportunities – internal & external
Open source technologies and hacker-friendly projects