Senior Technical Program Manager, Bug Bounty

Company: HackerOne
Location: Washington
Posted on: February 11, 2025

Job Description:

HackerOne is the global leader in human-powered security, harnessing the creativity of the world's largest community of security researchers with cutting-edge AI to protect your digital assets. The HackerOne Platform combines the expertise of our elite community and the most up-to-date vulnerability database to pinpoint critical security flaws across your attack surface. Our integrated solutions, including bug bounty, pentesting, code security audits, spot checks, and AI red teaming, ensure continuous vulnerability discovery and management throughout the software development lifecycle. Trusted by industry leaders such as Coinbase, General Motors, GitHub, Goldman Sachs, Hyatt, PayPal, and the U.S. Department of Defense, HackerOne was named a Best Workplace for Innovators by Fast Company in 2023 and a Most Loved Workplace for Young Professionals in 2024.Senior Technical Program ManagerRemote Location: Seattle, WA, San Francisco Bay Area, Austin, TX, or Washington, DCPosition SummaryAs a Senior Technical Program Manager, you'll lead HackerOne's internal bug bounty program, leveraging your expertise in program management, security vulnerabilities, and collaboration.At HackerOne, we believe hacker-powered security is essential to securing the internet, and our program operates at scale, leveraging our large, diverse community of hackers.In this pivotal role, you'll ensure our program operates with excellence and continuously improves, keeping our products and services resilient and thoroughly tested for evolving security threats.At HackerOne, we embrace a Flexible Work approach, enabling our team members to work remotely while maintaining productivity and collaboration. We are seeking candidates located in Seattle, WA, San Francisco Bay Area, Austin, TX, or Washington, DC, and the surrounding metropolitan areas, to facilitate occasional in-person interactions as needed. While the position is primarily remote, there will be periodic in-person requirements to support team collaboration and foster stronger connections.What You Will Do

• Oversee the entire HackerOne bug bounty program, ensuring smooth operations and data-driven continuous improvement.
  • Maintain and update program scope, bounty table, and policies to align with evolving security needs.
  • Ensure timely triage and resolution of reported vulnerabilities, working closely with development teams.
  • Manage hacker relationships, fostering a positive and productive community.
  • Effectively communicate updates, trends, and metrics for the program to both internal and external stakeholders.
  • Use metrics to analyze program and vulnerability trends to proactively identify potential risks and implement preventive measures.
  • Reduce mediations and report backlog by streamlining processes and policies for the program, improving triage efficiency, and setting and enforcing quality standards for vulnerability submissions.Minimum Qualifications
    • 6+ years of experience as Technical Program Manager or similar role in a security-focused organization.
    • Experience managing bug bounty programs or similar initiatives working with or managing hacker communities.
    • Strong understanding of common security vulnerabilities, CVSS scoring, and vulnerability management workflows.
    • Excellent communication and interpersonal skills, with the ability to effectively communicate with technical and non-technical stakeholders.Preferred Qualifications
      • Familiarity with bug bounty platforms like HackerOne.
      • Ability to work independently and as part of a cross-functional, distributed team.
      • Ability to analyze data, develop actionable insights, and make data-driven decisions for continuous improvement.Job Benefits:
        • Health (medical, vision, dental), life, and disability insurance*
        • Equity stock options
        • Retirement plans
        • Paid public holidays and unlimited PTO
        • Paid maternity and parental leave
        • Leaves of absence (including caregiver leave and leave under CO's Healthy Families and Workplaces Act)
        • Employee Assistance Program
        • Flexible Work Stipend*Eligibility may differ by countryWe are a Circle Back Initiative Employer and commit to responding to every applicant.We're committed to building a global team! For certain roles outside the United States, U.K., and the Netherlands, we partner with as our Employer of Record (EOR).Employment at HackerOne is contingent on a background check.HackerOne is an in the terms and conditions of employment for all employees and job applicants without regard to race, color, religion, sex, sexual orientation, age, gender identity or gender expression, national origin, pregnancy, disability or veteran status, or any other protected characteristic as outlined by international, federal, state, or local laws.This policy applies to all HackerOne employment practices, including hiring, recruiting, promotion, termination, layoff, recall, leave of absence, compensation, benefits, training, and apprenticeship. HackerOne makes hiring decisions based solely on qualifications, merit, and business needs at the time.For US based roles only: Pursuant to the San Francisco Fair Chance Ordinance, all qualified applicants with arrest and conviction records will be considered for the position.HackerOne ValuesHackerOne commits to maintaining a strong, inclusive culture built for our employees and our community of hackers. We are driven by our five core values. We recognize that our mission is bigger than us, and therefore act with integrity at all times. As a team, we believe that transparency builds trust so we default to disclosure in our communications. Each individual executes with excellence, creating an environment of greater alignment and greater autonomy. We win as a team and respect all people to empower everyone to learn from each other, innovate, and grow.
          #J-18808-Ljbffr

Keywords: HackerOne, Washington DC , Senior Technical Program Manager, Bug Bounty, IT / Software / Systems , Washington, DC