Bug Bounty Security Researcher
About Inspectiv
At Inspectiv, we are dedicated to revolutionizing the landscape of vulnerability management with a unified platform for Bug Bounty as a Service and Pentesting as a Service. Our remote-first team is driven by the vision of providing all the advantages of vulnerability management without the traditional hassle or unpredictable expense. Join us in ensuring our clients that their external attack surface remains impeccably secure and fortified.
We are a well-funded Series A company with top tier investors.
The Opportunity
We are seeking highly skilled and motivated Bug Bounty Security Researchers to join our team. As a Bug Bounty Security Researcher, you will be responsible for identifying and reporting vulnerabilities in software applications, systems, and networks. Your expertise will help us improve the security of our products and services by discovering and mitigating potential threats.
What you will do:
- Conduct thorough research on target systems, applications, and networks to identify potential vulnerabilities.
- Develop and execute custom attack vectors using various tools and techniques (e.g., fuzzing, SQL injection, Cross-Site Scripting (XSS), Server-Side-Request-Forgery (SSRF), Remote Code Execution)
- Identify and exploit vulnerabilities in a responsible manner, ensuring that no harm is caused to the system or data being tested.
- Document all findings, including detailed descriptions of discovered vulnerabilities, proof-of-concept code, and steps taken to reproduce the issue.
- Participate in regular bug bounty programs and contribute to the improvement of our products and services.
What we’re looking for:
- 1 year of experience in security research, penetration testing, or vulnerability assessment.
- Strong understanding of computer systems, networks, and software applications.
- Some proficiency with programming languages (e.g., Python, C++, JavaScript, HTML) and offensive security tools (e.g., Burp Suite, OWASP ZAP, Nmap, Kali Linux).
- Experience with bug bounty programs and responsible disclosure practices.
- Excellent analytical and problem-solving skills.
- Strong communication and documentation skills.
Preferred Qualifications:
- Relevant Application Security Certifications: BurpSuite Certified Practitioner (BSCP), Offensive Security Web Expert (OSWE), GIAC Web Application Penetration Tester (GWAPT), Offensive Security Certified Professional (OSCP)
- 3+ years of experience in security research, penetration testing, or vulnerability assessment.
- Has an awarded and recognized public Bug Bounty profile
- Has recognized contributions to Common Vulnerabilities and Exposures (CVEs)
What We Offer:
- Bounty awards for accepted vulnerabilities
- Recognition for submitted reports on various leaderboards on and off platform
- Experience in performing real-world penetration testing in Web Application, Mobile and Network Security
- A collaborative and empathy-led culture that takes security seriously and is on a mission to Secure The Internet
- A chance to participate in private, exclusive bug bounty programs
Compensation: As a remote, freelance security researcher with Inspectiv, you’ll have the flexibility to work on your own schedule while hunting for high-impact vulnerabilities. Security Researchers submit vulnerability reports via our Bug Bounty platform. We pay upon triage of valid reports that fall within the scope of programs. Payments are made weekly
If you are a motivated and skilled security researcher looking for new challenges, we encourage you to apply!
