Full-Time

Application Security Engineer

Posted on 9/6/2024

Bugcrowd

1,001-5,000 employees

Crowdsourced cybersecurity vulnerability identification platform

Consulting
Venture Capital
Enterprise Software
Cybersecurity
AI & Machine Learning

Junior, Mid

Remote in UK

Category
Cybersecurity
IT & Security
Required Skills
Communications
Linux/Unix
Requirements
  • Bachelor’s degree or previous security consulting experience
  • Published and demonstrated passion for security assessment research
  • High proficiency with Burp Suite (or any other interception proxy) and a working level of experience with other industry standard tools (nmap, sqlmap, anything included in Kali Linux)
  • Ability to execute on individual projects but still contribute to the team
  • Ability to complete tasks on time
  • Strong organization, influencing, and communication skills
Responsibilities
  • An ASE is responsible for the ongoing triage and validation services of Bugcrowd managed programs.
  • Under the direction of the Director of Technical Operations, you will take incoming submission data and curate it for validity, accuracy, and severity as well as communicate directly with Bugcrowd’s clients or researchers when additional information is required.
  • ASEs also handle Incident Response – escalating and communicating about the highest severity bugs to clients.
  • ASEs need to have strong knowledge of OWASP Top Ten type vulnerabilities.
  • They also usually require a strong skill set in one scripting/development language, often to assist with the design or development of tooling for improving the triage/validation process.

Bugcrowd provides crowdsourced security solutions by connecting businesses with a global community of trusted hackers and security researchers. Their main product is bug bounty programs, where companies reward experts for finding and reporting vulnerabilities in their systems, making this approach more effective than traditional security measures. Bugcrowd stands out by leveraging the collective expertise of a diverse group of security professionals and offering additional services like attack surface management. The company's goal is to enhance the security of its clients and ensure protection of sensitive data against cyber threats.

Company Stage

Series E

Total Funding

$180.7M

Headquarters

San Francisco, California

Founded

2012

Growth & Insights
Headcount

6 month growth

5%

1 year growth

19%

2 year growth

36%

Simplify's Take

What believers are saying

  • The $102 million funding round and subsequent acquisition of Informer position Bugcrowd for significant growth and technological enhancement.
  • Bugcrowd's introduction of AI Penetration Testing and AI Bias Assessments demonstrates its commitment to staying at the forefront of cybersecurity innovation.
  • Partnerships with companies like Portnox for private bug bounty programs expand Bugcrowd's market reach and client base.

What critics are saying

  • The integration of Informer could present challenges in aligning technologies and corporate cultures, potentially slowing down innovation.
  • The competitive landscape in cybersecurity is intense, with numerous firms vying for market share, which could impact Bugcrowd's growth.

What makes Bugcrowd unique

  • Bugcrowd leverages a global community of security researchers to crowdsource cybersecurity solutions, offering a more dynamic and comprehensive approach than traditional security firms.
  • The company's recent acquisition of Informer enhances its attack surface management capabilities, integrating advanced ASM technology directly into its platform.
  • Bugcrowd's focus on compliance with regulatory requirements like PCI DSS, GDPR, SOC 2, and ISO 27001 provides an added layer of trust and reliability for clients handling sensitive data.

Benefits

Competitive salary & stock options

Opportunities to attend & host relevant conferences & meetups

Flexible vacation time

Medical, dental & vision coverage

Generous workstation allowance

Company-sponsored off-sites & celebrations

Pre-tax commuter benefits

401k

INACTIVE