About the Role:
At CrowdStrike our Bug Bounty Programs are a collaboration with third-party researchers where researchers are rewarded for discovering security bugs. You will be responsible for leading and executing these programs including, but not limited to, triaging, tracking, and managing researcher communications. This will include working with external bug bounty researchers and internal stakeholders across various business units.
Effective communication, both written and verbal, is key to this role. To be successful in this position you must possess strong technical skills to understand security-related issues, but also strong business acumen to help improve the overall program and communicate effectively to all parties. You will also need to stay organised and be able to report the triage and remediation status of multiple reports to management.
What You’ll Do:
Lead, manage and execute CrowdStrike bug bounty programs
Managing triage of bug bounty reports
Communicating effectively and professionally with third-party bug bounty researchers
Collaborating with the security teams for further vulnerability analysis
Collaborating with engineers to track vulnerabilities through resolution
Supporting internal tool development and coding projects during downtime
What You’ll Need:
Excellent written and verbal communication skills
Strong technical expertise in security vulnerabilities and the ability to reproduce technical issues
Understanding of application security principles, best practices and common web security vulnerabilities
Familiarity with common network protocols and standards
Familiarity with cloud environments like Amazon Web Services
Familiarity with application security testing processes and tools
Bonus Points:
Experience triaging bounty reports or support tickets
Familiarity with EDR, such as CrowdStrike Falcon
Experience automating processes
Experience building GenAI agents
Practical penetration testing experience
Practical software development experience
Application security-related certifications