Application Security Engineer - Bug bounty - Crypto.com Hong Kong, Hong Kong SAR Bookmark Share Print 33 0 0

Listing Description


Responsibilities

  • Manage and oversee the company's bug bounty program on platforms like HackerOne, HackenProof, and Bugcrowd.
  • Triage and validate bug reports submitted by external researchers.
  • Prioritize and categorize bugs based on severity and potential impact.
  • Collaborate with the engineering and security teams to understand, track, and remediate vulnerabilities.
  • Facilitate communication between external researchers, security teams, and developers to ensure effective resolution of security issues.
  • Provide clear and constructive feedback to external researchers.
  • Maintain a strong relationship with the bug bounty community.
  • Keep up-to-date with the latest cybersecurity trends, vulnerabilities, and threats.
  • Prepare and present reports on bug bounty program performance.

    • Requirements
  • 2+ Years of hands-on experience in the Application Security field.
  • Experience in a similar role, managing bug bounty programs and handling vulnerability reports will be a definite advantage.
  • Strong understanding of web and mobile application security.
  • Deep understanding of application security frameworks such as OWASP Top 10 and possess a strong sense of security regarding business and financial logic flaws.
  • Proficiency in using bug bounty platforms like HackerOne, HackenProof, Bugcrowd, etc.
  • Excellent problem-solving skills and attention to detail.
  • Strong communication skills, with the ability to explain complex security issues to non-technical stakeholders.
  • Experience in coordinating and collaborating with diverse teams.
  • The ability to read code and understand how the back-end responds to API requests in programming languages such as Java, Ruby, Elixir, and JavaScript is crucial.
  • Relevant certifications such as Offensive Security Certified Professional (OSCP), or Certified Information Systems Security Professional (CISSP) are a plus.

    • Listing Details

    • Citizenship: Not Provided
    • Incentives: Not Provided

     

    • Education: Not Provided
    • Travel: Not Provided
    • Telework: Not Provided

    About Us

    NinjaJobs is a community-run job platform developed by information security professionals. Our unique approach of focusing strictly on cybersecurity positions allows us to personalize the user experience.

    Useful Links

    Our Contacts

    1765 Greensboro Station Pl.
    Suite 900
    Tysons Corner Va 22102

    (703) 594-7765

    requests@ninjajobs.org
    www.ninjajobs.org
    Chat with us!