Application Security Engineer

Bugcrowd, founded in 2012, is a leading crowdsourced security platform that empowers organizations to stay ahead of threat actors. As an Application Security Engineer (ASE) at Bugcrowd, you'll be at the forefront of application security assessment at an epic scale.

Your role involves curating and managing incoming security vulnerability submissions for some of the world's biggest companies' bug bounty programs. This position offers unique opportunities:

1. Exposure to hundreds of company security programs
2. Interaction with top security researchers and cutting-edge methodologies
3. Rapid proficiency in complex vulnerabilities (XSS, SQLi, XXE, IDOR, SSTI, SSRF, etc.)
4. Diverse experience across various platforms (IoT, embedded systems, mobile applications, etc.)

Key Responsibilities:

• Triage and validate submissions for Bugcrowd managed programs
• Assess validity, accuracy, and severity of incoming data
• Communicate with clients and researchers when additional information is needed
• Handle Incident Response, escalating high-severity bugs to clients
• Assist in designing/developing tools to improve the triage/validation process

Requirements:

• Bachelor's degree or previous security consulting experience
• Strong knowledge of OWASP Top Ten vulnerabilities
• High proficiency with Burp Suite and other industry-standard tools
• Published security assessment research
• Strong organization, communication, and time management skills

Bugcrowd offers a remote work environment and values diversity in the workplace. The company culture is described as family-like, with a team comprising various backgrounds and interests.

Join Bugcrowd to be part of a dynamic team solving critical security threats and vulnerabilities, while working with cutting-edge technologies and methodologies in the cybersecurity field.