Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

Security Analyst, Bug Bounty

Full-time

Stripe

Who we are

About Stripe

Stripe is a financial infrastructure platform for businesses. Millions of companies—from the world’s largest enterprises to the most ambitious startups—use Stripe to accept payments, grow their revenue, and accelerate new business opportunities. Our mission is to increase the GDP of the internet, and we have a staggering amount of work ahead. That means you have an unprecedented opportunity to put the global economy within everyone’s reach while doing the most important work of your career.

About the team

In this role, you’ll join Stripe’s Vulnerability Management team, whose mission is to “Surface vulnerabilities at scale across Stripe.” Our vision is to create a culture of continuous excellence in managing vulnerabilities. The bug bounty program is an important pillar of this mission, acting as a critical line of defense in Stripe’s security “immune system.”

What you’ll do

We seek a highly technical and detail-oriented Security Analyst to join our team, focusing on the front lines of bug bounty triage and researcher engagement. In this role, you’ll be responsible for the end-to-end lifecycle of security vulnerability reports from our bug bounty program. You’ll own the overall effectiveness of Stripe’s bug bounty program with autonomy to implement continuous improvements (e.g., researcher campaigns, scoring transparency).

You’ll play a key role in understanding the root cause of vulnerabilities, coordinating timely resolutions, and directly impacting the security posture of Stripe’s products. A core aspect of this role is developing a deep understanding of Stripe and acquired company products, assets, and their configuration to effectively assess and prioritize vulnerabilities.

Responsibilities

  • Analyze, assess, reproduce, and triage incoming security vulnerability reports from the bug bounty program
  • Communicate clearly and effectively with security researchers to follow up on unclear reports, drive report clarity, and increase engagement with top hackers
  • Understand the root cause of security vulnerabilities to help product and engineering teams fix them, and advise on the right mitigation strategies
  • Drive the lifecycle of submissions through to resolution, coordinating with product and engineering stakeholders
  • Act as the security bridge between external researchers and internal teams to facilitate rapid and effective remediation
  • Conduct in-depth data analysis on bug reports and vulnerability patterns to identify systemic risks and inform new security initiatives
  • Provide tactical support for vulnerability management triage processes to augment the team as needed
  • Prepare and implement improvements to the overall bug bounty program
  • Provide feedback and requirements for tool development to enhance triage and security workflows, leveraging opportunities for automation

Who you are

We’re looking for someone who meets the minimum requirements to be considered for the role. If you meet these requirements, you are encouraged to apply. The preferred qualifications are a bonus, not a requirement.

Minimum requirements

  • Proven ability to follow bug reports and accurately triage security vulnerabilities
  • Familiarity with web security issues and exploit methodologies (e.g., OWASP Top 10, CWEs)
  • Competent in offensive security tools (e.g., Burp Suite, custom scripting)
  • Ability to think like an attacker to understand the impact of vulnerabilities
  • Proficient in clear communication, conveying technical concepts to various stakeholders
  • Experience in one of the following areas
    • Bug bounty program or triaging security vulnerability reports
    • Knowledge of Stripe products and general security expertise

Preferred qualifications

  • Experience in technical support, operations, or similar roles with technical systems exposure
  • Prior participation in or experience with bug bounty programs
  • Experience analyzing source code for security vulnerabilities
  • Proficiency in scripting languages (e.g., Python, Ruby) for automation
  • Familiarity with cloud-based services (e.g., AWS, GCP)
  • Certifications such as OSWA or BSCP
Vacancy posted 4 hours ago
Similar jobs that could be interesting for youBased on the Security Analyst, Bug Bounty in North America vacancy
  •  ...the Role This is our first dedicated security hire, and it's a rare chance to define...  ...early engineer, not just a user. You helped secure it from early design or during major...  ...you've run security programs in practice: bug bounty, pentest engagements, working with external... 
    Suggested
    Full time
    Remote work

    Hightouch

    North America
    5 days ago
  •  ...Recharge Time - Generous PTO and unlimited sick days Future Security - RRSP (Canada) and 401k (US) matching programs Continuous...  ...- $2,500 annual development fund, tuition assistance, and Book Bounty program Team Connection - Annual company events and team offsites... 
    Suggested
    Full time
    Remote work
    Flexible hours

    SpryPoint

    North America
    11 days ago
  • $130k - $145k per year

     ...their inbound pipeline motion. Overview: We are seeking a Security Analyst who is passionate about safeguarding systems, data, and people...  ..., helping employees remain productive while operating in a secure environment. This role blends hands-on security operations,... 
    Suggested
    Remote job

    Qualified

    United States
    more than 2 months ago
  •  ...After you join the team, we'll verify your eligibility to work in the U.S. by submitting information from your Form I-9 to the Social Security Administration and, if needed, the Department of Homeland Security. This process happens post-hire only — we never use E-Verify to... 
    Suggested
    Full time
    For contractors
    Remote work

    Hightouch

    North America
    7 days ago
  • $145k - $165k per year

     ...migration, and ensure our platform delivers exceptional performance and security for thousands of properties worldwide. Your work will directly...  ...user interactions across the Cloudbeds ecosystem Architect secure solutions for handling financial transactions and sensitive... 
    Suggested
    Long term contract
    Full time
    Work at office
    Local area
    Remote work
    Work from home
    Worldwide
    Home office
    Weekend work

    Cloudbeds

    North America
    7 days ago
  • $16 per hour

     ...Discount on food at our restaurant Reporting to the Property Manager, the Security Agent is responsible for safeguarding our assets, staff, and visitors. You will be tasked with maintaining a safe and secure environment by implementing preventive measures and responding... 
    Full time
    Flexible hours

    Groupe TIDAN

    United States
    2 days ago
  •  ...departments. This is a high­ profile and impactful, hands­-on position that will require grit. Work together with our developers and privacy/security experts to help us take our browser to the next level.  Requirements ~5+ years experience with testing software ~ Strong... 
    Work at office
    Remote work
    Home office

    Brave

    North America
    15 days ago
  •  ...After you join the team, we'll verify your eligibility to work in the U.S. by submitting information from your Form I-9 to the Social Security Administration and, if needed, the Department of Homeland Security. This process happens post-hire only — we never use E-Verify to... 
    Full time
    Remote work

    Hightouch

    North America
    3 days ago
  •  ...After you join the team, we'll verify your eligibility to work in the U.S. by submitting information from your Form I-9 to the Social Security Administration and, if needed, the Department of Homeland Security. This process happens post-hire only — we never use E-Verify to... 
    Full time
    Remote work
    Flexible hours

    Hightouch

    North America
    3 days ago
  •  ...After you join the team, we'll verify your eligibility to work in the U.S. by submitting information from your Form I-9 to the Social Security Administration and, if needed, the Department of Homeland Security. This process happens post-hire only — we never use E-Verify to... 
    Full time
    Remote work

    Hightouch

    North America
    13 days ago
  •  ...de plusieurs types d’audit (ex. : fournisseurs, sites d’investigateur, dossiers principaux de l’essai, gestion de données, rapport de sécurité et laboratoires). Excellente connaissance des exigences réglementaires des BPx. Connaissance de la terminologie médicale et... 
    Daily paid
    Contract work
    Temporary work
    Work at office
    North America
    10 hours ago
  •  ...time zones. Join us on our mission to transform lives by simplifying money, together. The Role: Monarch is hiring a Senior Security Engineer, Detection and Response to join our Security team within Foundations — the first dedicated hire for this function. Reporting... 
    Internship
    Work at office
    Immediate start
    Remote work
    Work from home
    Weekend work

    Monarch Money

    United States
    16 days ago
  •  ...After you join the team, we'll verify your eligibility to work in the U.S. by submitting information from your Form I-9 to the Social Security Administration and, if needed, the Department of Homeland Security. This process happens post-hire only — we never use E-Verify to... 
    Full time
    Remote work

    Hightouch

    North America
    3 days ago
  •  ...After you join the team, we'll verify your eligibility to work in the U.S. by submitting information from your Form I-9 to the Social Security Administration and, if needed, the Department of Homeland Security. This process happens post-hire only — we never use E-Verify to... 
    Full time
    Remote work

    TALENGER

    North America
    29 days ago
  •  ...world. If you're excited to shape the future of design and collaboration, join us! Figma is looking for a Senior Credit & Collections Analyst to join our Accounting team. This is a high-impact role with ownership over collections strategy, cross-functional collaboration, and... 
    Hourly pay
    Full time
    Remote work
    Work from home

    Figma

    United States
    23 days ago
  • $132k - $282k per year

     ...that powers GitLab's authentication and authorization systems at scale. This role focuses on the foundational components that enable secure, performant, and reliable identity services across all GitLab deployment models while supporting our transition to a zero-trust architecture... 
    Remote job
    Internship
    Home office

    GitLab

    United States
    more than 2 months ago
  • $145k - $260k per year

     ...design, coding, code review, unit/integration testing, bug fixing, and code/API documentation. Collaborate closely...  ...offer an enterprise plan with features around privacy, security and environment management (e.g. secure distribution and management of API keys). These larger... 
    Remote job
    Remplacement
    Internship
    Work at office
    Immediate start
    Flexible hours

    Warp

    United States
    more than 2 months ago
  •  ...TSAT) is a leading global satellite operator, providing reliable and secure satellite-delivered communications solutions worldwide to...  ...test and support teams to ensure comprehensive testing and efficient bug resolution. In addition, you will take the lead in technical discussions... 
    Internship
    Work at office
    Worldwide

    Telesat

    United States
    more than 2 months ago
  •  ...frameworks. Triage and classify issues: Distinguish between configuration/integration errors, data issues, product limitations, and genuine bugs. What You’ll Bring ~3+ years in a role that includes deep technical troubleshooting (e.g., Technical Support Engineer, QA Engineer... 
    Remote job

    Customer Service

    United States
    12 hours ago
  •  ...Assistant Coordinate delivery across Data Engineering, DS ICs, Security, IT, and business stakeholders (Sales, Product, Finance,...  ...BI tooling (Hex, Sigma), and AI-powered query interfaces (Cortex Analyst, RAG) at a program level ~ A track record of driving adoption... 
    Full time
    Remote work
    Work from home
    Shift work

    Figma

    United States
    19 days ago
  •  ...behavior and sign‑off criteria for silicon. Have impact measured through coverage metrics achieved, quality and reproducibility of bugs found, and robustness of the verification environment you help build. What You Will Learn End‑to‑end SoC design and verification... 
    Permanent employment
    Summer work
    Internship
    Work at office

    Tenstorrent University Jobs

    United States
    13 days ago
  • $100k per year

     ...from a firmware perspective. Debug complex hardware-software interactions, including signal integrity issues and protocol-level timing bugs. What You Will Learn What it means to shape AI acceleration hardware and networking infrastructure from the ground up. How... 
    Permanent employment

    Tenstorrent

    United States
    11 days ago
  •  ...Measures In three months you’ll have contributed to the development of a project slated for the next major version, as well as fixed a few bugs in a minor version of our latest stable release series In six months, you’ll have taken on code review responsibilities and are... 
    Full time
    Local area
    Remote work
    Worldwide
    Flexible hours

    MongoDB

    United States
    8 hours ago
  •  ...Establish and enforce BI best practices, including data governance, security, and documentation. Monitor and improve query performance,...  ...regulations. Work cross-functionally with data engineers, analysts, and business teams to align data strategies. Act as a key advisor... 
    Remote job
    Live In
    Local area
    Home office
    Flexible hours

    OneSix

    United States
    more than 2 months ago
  • $200k - $276k per year

     ...into technical solutions Collaborate with Data Scientists and Analysts to enable advanced analytics, machine learning, and business...  ...initiatives and embedded reporting capabilities Engage with Security and Compliance teams to ensure data governance and regulatory requirements... 
    Remote job
    Long term contract
    Worldwide
    Home office

    Docker, Inc

    United States
    more than 2 months ago
  •  ...strategies for pricing, in-game promotions, SKUs, and ongoing content. ● Lead and prioritize the work of other Product Managers and Data Analysts, ensuring alignment with strategic goals and the delivery of high-quality results. ● Market Intelligence – Deliver research on the... 
    Casual work

    2K

    United States
    more than 2 months ago
  •  ...written and oral communication skills, and participation in a culture of writing things down.  ~ Committed to building high quality, secure, performant product and willing to pursue new learning in these areas.  Technical Competencies   ~ Experience developing large... 
    Full time
    Local area

    Fortive

    United States
    12 days ago
  •  ...re excited to shape the future of design and collaboration, join us! As Corporate Counsel you will help develop our corporate and securities legal strategy, ensuring our legal approach scales with the company's growth. This is a full time role that can be held from one... 
    Full time
    Remote work
    Work from home
    Shift work

    Figma

    United States
    17 days ago
  •  ...technical solutions Conduct code reviews, architectural reviews, and drive continuous improvement in code quality, performance, and security Champion cloud best practices, cost optimization, and platform modernization initiatives Required Qualifications ~8+ years of... 
    Full time
    Local area

    Fortive

    United States
    8 days ago
  •  ...and operate scalable distributed systems and services that power Figma's innovative tools for design and collaboration Develop and secure our internal and edge network running on AWS Help design and deploy an internal service mesh network which can support Figma's growing... 
    Full time
    Remote work
    Work from home

    Figma

    United States
    13 days ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to Security Analyst, Bug Bounty. Be the first to apply!