Blog

Security Analyst, Bug Bounty

at Stripe

View all jobs at StripeVisit Stripe websiteVisit Stripe LinkedIn

Posted last week

Apply Now

Resume Score

Check how well your resume matches this job before you apply.

Sign in to check score

About the role

  • Security Analyst at Stripe managing bug bounty programs, coordinating security vulnerability remediation, and collaborating with researchers to enhance security posture.

Responsibilities

  • Analyze, assess, reproduce, and triage incoming security vulnerability reports from the bug bounty program.
  • Communicate clearly and effectively with security researchers to follow up on unclear reports, drive report clarity, and increase engagement with top hackers.
  • Understand the root cause of security vulnerabilities to help product and engineering teams fix them, and advise on the right mitigation strategies.
  • Drive the lifecycle of submissions through to resolution, coordinating with product and engineering stakeholders.
  • Act as the security bridge between external researchers and internal teams to facilitate rapid and effective remediation.
  • Conduct in-depth data analysis on bug reports and vulnerability patterns to identify systemic risks and inform new security initiatives.
  • Provide tactical support for vulnerability management triage processes to augment the team as needed.
  • Prepare and implement improvements to the overall bug bounty program.
  • Provide feedback and requirements for tool development to enhance triage and security workflows, leveraging opportunities for automation.

Requirements

  • Proven ability to follow bug reports, reproduce, and accurately triage security vulnerabilities.
  • Deep familiarity with web security issues, attack vectors, and exploit methodologies (e.g., OWASP Top 10, CWEs, CVEs).
  • Competent in offensive security tools to reproduce issues (e.g., Burp Suite, Nuclei, custom scripting).
  • Ability to think like an attacker to understand the impact of vulnerabilities.
  • Proficient in clear and concise written and verbal communication, with the ability to convey complex technical concepts to both technical and non-technical stakeholders.
  • Experience in one of the following areas:
  • • Direct experience in a bug bounty program or triaging security vulnerability reports.
  • • Direct, deep knowledge of Stripe products and assets, coupled with strong general security knowledge.

Benefits

  • Competitive salary
  • Health insurance
  • Retirement plans
  • Professional development opportunities

Job title

Security Analyst

Job type

Full Time

Experience level

Mid levelSenior

Salary

Not specified

Degree requirement

Bachelor's Degree

Location requirements

RemoteNorth America

Report this job

Found something wrong with the page? Please let us know by submitting a report below.

Similar roles

Browse all Security Analyst jobs

Security Analyst

Bulletproof

Security Analyst providing 24/7 support for Bulletproof's Security Operations Center. Handling security issues, troubleshooting, and coordinating incident responses in a hybrid work environment.

Hybrid Role
Fredericton
New Brunswick
Security Analyst

Senior Cyber Security Specialist

LinkedIn Recruiter Post

Senior Cyber Security Specialist - TRA, Threat Modeling & Risk Management. On - site/hybrid contract in Toronto.

Toronto
Ontario
Security Analyst
$80.00–$125.00 per hour

Senior Technical Security Analyst

RBC

Senior Technical Security Analyst in Identity & Access Management at RBC. Supporting end user access requests, troubleshooting, and collaborating in a high - performing team environment.

Onsite Role
Toronto
Ontario
Security Analyst

Information Security Analyst – Banking

LinkedIn Recruiter Post

Information Security Analyst needed for a banking client to monitor security reports, collaborate on remediation, and support security technology deployment.

Toronto
Ontario
Security Analyst
$43.69/hr – $52.43/hr