Security Analyst, Bug Bounty
Stripe
Who we are
About Stripe
Stripe is a financial infrastructure platform for businesses. Millions of companies—from the world’s largest enterprises to the most ambitious startups—use Stripe to accept payments, grow their revenue, and accelerate new business opportunities. Our mission is to increase the GDP of the internet, and we have a staggering amount of work ahead. That means you have an unprecedented opportunity to put the global economy within everyone’s reach while doing the most important work of your career.
About the team
In this role, you’ll join Stripe’s Vulnerability Management team, whose mission is to “Surface vulnerabilities at scale across Stripe.” Our vision is to create a culture of continuous excellence in managing vulnerabilities. The bug bounty program is an important pillar of this mission, acting as a critical line of defense in Stripe’s security “immune system.”
What you’ll do
We seek a highly technical and detail-oriented Security Analyst to join our team, focusing on the front lines of bug bounty triage and researcher engagement. In this role, you’ll be responsible for the end-to-end lifecycle of security vulnerability reports from our bug bounty program. You’ll own the overall effectiveness of Stripe’s bug bounty program with autonomy to implement continuous improvements (e.g., researcher campaigns, scoring transparency).
You’ll play a key role in understanding the root cause of vulnerabilities, coordinating timely resolutions, and directly impacting the security posture of Stripe’s products. A core aspect of this role is developing a deep understanding of Stripe and acquired company products, assets, and their configuration to effectively assess and prioritize vulnerabilities.
Responsibilities
- Analyze, assess, reproduce, and triage incoming security vulnerability reports from the bug bounty program
- Communicate clearly and effectively with security researchers to follow up on unclear reports, drive report clarity, and increase engagement with top hackers
- Understand the root cause of security vulnerabilities to help product and engineering teams fix them, and advise on the right mitigation strategies
- Drive the lifecycle of submissions through to resolution, coordinating with product and engineering stakeholders
- Act as the security bridge between external researchers and internal teams to facilitate rapid and effective remediation
- Conduct in-depth data analysis on bug reports and vulnerability patterns to identify systemic risks and inform new security initiatives
- Provide tactical support for vulnerability management triage processes to augment the team as needed
- Prepare and implement improvements to the overall bug bounty program
- Provide feedback and requirements for tool development to enhance triage and security workflows, leveraging opportunities for automation
Who you are
We’re looking for someone who meets the minimum requirements to be considered for the role. If you meet these requirements, you are encouraged to apply. The preferred qualifications are a bonus, not a requirement.
Minimum requirements
- Proven ability to follow bug reports and accurately triage security vulnerabilities
- Familiarity with web security issues and exploit methodologies (e.g., OWASP Top 10, CWEs)
- Competent in offensive security tools (e.g., Burp Suite, custom scripting)
- Ability to think like an attacker to understand the impact of vulnerabilities
- Proficient in clear communication, conveying technical concepts to various stakeholders
- Experience in one of the following areas
- Bug bounty program or triaging security vulnerability reports
- Knowledge of Stripe products and general security expertise
Preferred qualifications
- Experience in technical support, operations, or similar roles with technical systems exposure
- Prior participation in or experience with bug bounty programs
- Experience analyzing source code for security vulnerabilities
- Proficiency in scripting languages (e.g., Python, Ruby) for automation
- Familiarity with cloud-based services (e.g., AWS, GCP)
- Certifications such as OSWA or BSCP
- ...the Role This is our first dedicated security hire, and it's a rare chance to define... ...early engineer, not just a user. You helped secure it from early design or during major... ...you've run security programs in practice: bug bounty, pentest engagements, working with external...SuggestedFull timeRemote work
$130k - $145k per year
...their inbound pipeline motion. Overview: We are seeking a Security Analyst who is passionate about safeguarding systems, data, and people... ..., helping employees remain productive while operating in a secure environment. This role blends hands-on security operations,...SuggestedRemote job$104k - $139k per year
...companies. Our work focuses on diverse areas including AI, social media, security and more. And we’re doing this while never losing our focus on... ...in to resolve issues impacting users and developers, from small bugs to larger incidents. Collaborate with designers, product...SuggestedFull timeImmediate startRemote workHome office$175k - $215k per year
...there About the role As an Application Security (AppSec) Engineer at Sardine, you will... ...and mitigating security risks, building secure systems, and fostering a strong security... ...automated tools, manual testing, and external bug bounty programs. Collaborate with engineering...SuggestedRemote jobInternshipWorldwideHome officeFlexible hours- ...below] Aperçu du poste : Nous recherchons des conseillers en sécurité financière dévoués et bien informés pour rejoindre notre équipe.... ...: We are seeking dedicated and knowledgeable Financial Security Advisors to join our team. The ideal candidate will provide financial...SuggestedExtra incomeCasual workRemote workWork from homeFlexible hours
- ...und Softwarelösungen mit eigenem Datacenter. Im Bereich Cloud & Security entwickeln und betreiben wir individuelle IT-Lösungen. Von Managed... ..., skalierbare und moderne IT-Infrastruktur. Business Analyst (a) 80 bis 100% | calculo (Fee Management) | Cloud & Software...Permanent employmentFull timeHome officeFlexible hours
$140k - $210k per year
...Job Responsibility: About Prelude Prelude is a technology company that helps organizations proactively ask questions of their security systems to know if their defenses are protecting them from the latest threats. Built around the notion of visibility, our products conduct...Full timeFlexible hours- ...world, to align on strategy and execution. The company is founder-led, profitable, and growing. Canonical is looking for exceptional security-focused software engineers to be integrated across product teams. While they also contribute to the product as engineers, their...Long term contractFull timeWork at officeLocal areaRemote workWorldwide
- ...experiences. Your new role : A hands-on Manager (Application Security)to lead and mature our application security program while... ...proactively identify risks, drive remediation, and help ensure secure software delivery at scale. Working closely with Engineering,...Permanent employmentFlexible hours
- ...time zones. Join us on our mission to transform lives by simplifying money, together. The Role: Monarch is hiring a Senior Security Engineer, Detection and Response to join our Security team within Foundations — the first dedicated hire for this function. Reporting...InternshipWork at officeImmediate startRemote workWork from homeWeekend work
- ...Über uns - C24: Der führende Anbieter der videogestützten Fernüberwachung wächst! Stay secure – die C24 GmbH ist ein Tochterunternehmen der BauWatch International GmbH, dem Marktführer im Bereich der mobilen und temporären Videoüberwachung. Gegründet 2016 betreibt die C24...Permanent employmentFull time
- ...As the most widely used Linux distribution, Ubuntu underpins the security of the entire internet. The role of Security Engineering Manager... ...responsibility is to respond to emerging threats and aim to secure the open source ecosystem for community and enterprise use. Your...Full timeLocal areaRemote workWorldwide
$75.02k - $97.53k per year
...Job Responsibility: Location: Mount Pearl Square Budget Analyst *Repost Budgeting Remote Work Opportunities Permanent, Full Time 10163POS Hours 70 bi-weekly (8 hour days) Salary HL-22 ($75,020.40 - $97,533.80 per annum) Competition Number (***) ***-**** Posted Date...Permanent employmentFull timeRemote work$225k - $275k per year
...Principal-level individual contributor position embedded in the Security Engineering organization, focused on Wirespeed’s most complex detection... ...navigate complex architectural decisions and develop scalable, secure solutions. Skills and Qualifications Significant...Long term contractFixed term contractWork at officeRemote workHome officeFlexible hours$157.7k - $207.7k per year
...unit of Cloud Software Group is currently looking for Principal Security Technology Strategists to join our team in North America. Citrix... ...possible in a Zero Trust world. Security practitioners love the “secure by design” nature of our virtualization products. Over the years...Remote jobTemporary workLocal areaHome office- ...Position Overview We are seeking an experienced Security Software Data Engineer III to support enterprise security initiatives focused on encryption, certificate lifecycle management, key management, and enterprise cryptographic infrastructure. This role combines strong...Permanent employmentFull timeRemote work
- ...Analyzes, solutions, develops, tests, debugs, documents and deploys software according to standards in an agile environment. Applies secure software and systems engineering practices throughout the delivery lifecycle to ensure our data and technology solutions are protected...Contract workRemote work
- Analyste en assurance qualité Permanent à temps plein | Siège social - Caraquet (télétravail peut être considéré) Votre plus grande motivation est d’analyser et de trouver des bonnes solutions? Vous êtes quelqu’un de...Permanent employmentFull timeSummer workRemote workFlexible hours
- ...Senior Business Analyst About SMRTR SMRTR has been helping organisations streamline business processes since 2002 through automation, compliance, and content management solutions. Their software supports industries such as manufacturing, food and beverage, distribution...Remote jobLong term contractFull timeInternship
- ...Job Responsibility: Finance & Operations Analyst Remote first (Must be based in Canada and available during Eastern Time business hours) Full-Time | Reports to: VP(Finance) A little about Avesdo We are a New Home Sales OS focused on optimising the new home sales...Full timeRemote workHome officeFlexible hours
- ...focused on two new major product lines coming to market in the next few months. Join us!! The Role We're hiring a Staff/Senior Security Engineer to lead our signing and treasury security program across wallets and custodian accounts. This is a high-impact, mission-...Full timeContract workRemote workFlexible hours
- ...We’re making security suck less for developers. Security tools haven’t kept up with how software is built today. They interrupt teams, slow releases, and turn security into a bottleneck instead of a capability. We built Aikido to change that. Aikido builds developer-first...Permanent employmentFull time
- ...This is a remote position. Enterprise Service Desk Analyst (Large Enterprise Environment) Location Requirement: Candidates must... ...minimum 2+): CompTIA A+ CompTIA Network+ CompTIA Security+ ITIL Foundation (required) Microsoft Certified: Azure...Contract workRemote workFlexible hours
- ...Global, we are providing recruitment service to our TOP clients from our portfolio. We are currently seeking a Card Payment Support Analyst to join one of our clients ' teams. If you're looking for an exciting opportunity to grow in a innovative environment, this could...Permanent employmentFull timeWork at officeRemote workShift work
$89.47k - $111.83k per year
...Job Responsibility: : Senior Program Funding Analyst Human Services - Early Years and Child Care Services Status: Contract Full Time Duration: 12 months Salary Range: $89,469 to $111,834 per annum (plus comprehensive benefits) Work Mode: Hybrid* see below for more details...Long term contractFull timeContract workFixed term contractFlexible hours- ...send, and receive digital tokens instantly, securely, and globally, all at a fraction of the... ...KEET , our flagship app that redefines secure and private data sharing. Tether Education... ...-driven and hands-on People Technology Analyst whose primary mission will be to review,...Permanent employmentFull timeContract workImmediate startRemote workWorldwide
- Application Security Architect – CONTRACT – (2-3 days per week) We are looking for an Application Security Architect for a contract role requiring 2-3 days work per week. Onsite is required once every 2 weeks in GTA by Toronto Airport. Your basic responsibilities include:...Contract work2 days per week3 days per week
- Roles & responsibilities Analyze data sets to identify trends, patterns, and actionable insights that improve Contact Center performance. Ensure reports and analytics align with business goals and strategic direction. Identify, gather, and document new reporting requirements...Permanent employmentFull timeWork at officeFlexible hoursShift work
$50k - $70k per year
...Web Analytics Analyst - Eldis Group Partnership Remote See What We're All About As one of the nation's largest suppliers of... ...warranty providers, and DIYers get the parts they need—fast and securely. As Parts Town Home, we're part of the powerhouse Parts Town family...Remote jobFull timeLive In- Responsable de la sécurité informatique Partager À titre de Responsable de la sécurité informatique, tu joueras un rôle clé dans la mise en œuvre de notre stratégie technologique à long terme. Tu seras chargé de veiller à ce que les meilleures pratiques en matière de sécurité...Daily paid
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Security Analyst, Bug Bounty. Be the first to apply!
