Bugcrowd

Bugcrowd provides a crowdsourced cybersecurity platform that connects organizations with elite security researchers to enhance security measures through managed bug bounty programs, penetration testing, and vulnerability disclosure initiatives.

Internet Software & Services
1K-5K
Founded 2012
$79M raised

Description

  • Lead, grow, and mentor a geographically distributed team of product security engineers.
  • Set strategy and drive execution for application security, platform security, and FedRAMP programs.
  • Own and evolve the secure development lifecycle, including shift-left security initiatives.
  • Drive architecture reviews, threat modeling, SAST, DAST, continuous end-to-end testing, and advanced fuzzing efforts.
  • Design and launch a Security Foundations program focused on secure-by-default engineering.
  • Develop paved roads and developer guardrails to reduce classes of vulnerabilities across the engineering organization.
  • Own the security roadmap and day-to-day operations of the FedRAMP program.
  • Build strong partnerships with software engineering, DevOps, product management, and operations teams.
  • Drive sustained improvement across complex projects spanning multiple teams and business units.

Requirements

  • 7+ years of experience in cybersecurity with a focus on Product Security, Application Security, or Platform Security.
  • 2+ years of experience directly managing and mentoring security engineers.
  • Demonstrated experience managing complex projects and driving sustained improvement across multiple teams.
  • Excellent communication skills and proven ability to collaborate with engineering, DevOps, product, and operations teams.
  • Deep hands-on experience integrating security into modern CI/CD pipelines.
  • Strong proficiency in threat modeling, architecture reviews, and automated security testing, including SAST, DAST, SCA, and fuzzing.
  • Fluency in one or more modern programming languages such as Python, Go, Ruby, or Java.
  • Strong understanding of cloud-native architectures on AWS, GCP, or Azure.
  • Experience with Kubernetes, Docker, Linux, and Infrastructure as Code such as Terraform.
  • Practical experience supporting compliance requirements such as FedRAMP (preferred), PCI, SOC2, ISO27001, or NIST 800-53.
  • Preferred experience managing, triaging, or participating in bug bounty programs.
  • Preferred background building secure-by-default internal libraries or paved roads.
  • Preferred experience at a fast-paced, high-growth security or SaaS company.

Benefits

  • Base salary range of $176,000 to $242,000.
  • Eligibility for a discretionary bonus program or commission plan.
  • Opportunity to work for a company backed by General Catalyst, Rally Ventures, Costanoa Ventures, and others.
  • Commitment to a collaborative, inclusive workplace culture.
  • Reasonable accommodations provided for candidates and employees with disabilities.
  • Background check process includes standard employment and education verification for applicable roles.


