Job Type: Contract
- Track the lifecycle of bug bounty reports submitted through the Bug Bounty Program (BBP) assuring that program SLAs are met.
- Triage security vulnerabilities that are disclosed through the BBP.
- Facilitate communications as needed between the BBP and various engineering teams, development teams, and finders.
- Collaborate with Risk and Incident Response teams as needed to facilitate the management of reported security vulnerabilities.
- Schedule and assist with penetration and remediation testing for a wide variety of assets.
- Process and track all bug bounty payments to researchers and provide monthly expenditures.
- Analyze the data produced by Bug Bounty Program using to surface trends and other insights which can be utilized to positively affect security.
- Assist with the development of internal tooling to benefit the penetration testing and BBP programs.
We believe that success in this role will demonstrate itself through the following attributes and skills:
- Experience in Bug Bounty Management and experience working with shifting timelines and priorities is preferred.
- Strong oral and written communication skills with demonstrated experience presenting to various internal and external groups.
- Work effectively in situations involving uncertainty or lack of information, respond favorably to change, and react decisively in an unstructured environment.
- Demonstrated hands-on experience with penetration testing tools, such as Burp Suite or Metasploit
- Deep understanding of common application security issues, such as Cross-Site Scripting (XSS) and Server-Side Request Forgery (SSRF)
To fulfill this role successfully, you should demonstrate the following minimum qualifications:
- At least three (3) years of experience in Technology or a related field
- At least one (1) year of experience in a Cybersecurity-related role
It would be helpful in this position for you to demonstrate the following capabilities and distinctions:
- Bachelor’s Degree, or Associate’s Degree plus five (5+) years of Technology related experience, or High School Degree/GED plus ten (10+) years of Technology related experience
- Familiarity with one or more of the following technologies: Node.js, React, Express, GraphQL, IIS, Flask, ASP.NET, Active Directory (AD)
- Understanding of fundamental networking related concepts, such as the OSI model, subnetting, etc.
- Relevant cybersecurity certifications (e.g., OSCP, CEH)
- Prior security experience in a Fortune 500 or Hospitality environment
Due to client requirements, applicants must be willing and able to work on a W2 basis. For our W2 consultants, we offer a great benefits package that includes medical/dental/vision benefits, 401(k) with company matching, and life insurance.
Established in 1998, Ntelicor provides hard to find IT talent and flexible staffing and IT solutions to Fortune 50 and companies of all sizes. We dedicate ourselves to our clients’ unique needs and rapidly and efficiently deploy our specialists and solutions. As our team continues to grow, we look forward to providing our clients and our people with extraordinary value and service for years to come.
This job not for you? Refer your friends! If we hire a candidate you refer, you can earn up to $1,000 per referral.