Product Security Analyst

Your mission is to oversee incoming product security vulnerability reports from our researchers' community, while continuously sharpening their cybersecurity skills. This happens through dedicated interaction with the researchers' community and aims to offer the best possible service to both companies and researchers.

You focus on customers that have their products as scope, which includes a wide variety of products: software libraries, native applications, firewalls, embedded systems, operating systems, firmware, etc. When necessary, you help out the rest of the team working on web and mobile applications.

What you’ll be doing:

• Challenge and support both researchers and security teams using your entire security skillset.
• Research, POC and evaluate reports that come in through our platform (ensure they’re unique, concrete & actionable for our clients).
• Assess the severity of reported issues in relation to how they can disrupt business, including financial and managerial implications.
• Familiarity with and ability to calculate CVSS ratings.
• Review and provide feedback on reports in a constructive and supportive manner.
• Motivate and engage security researchers to continuously outperform themselves.
• Build a positive relationship with our community and customers in close collaboration with success management.
• Provide remediation advice and help customers make the most value out of received reports.
• Proactively identify and solve issues, as well as accept and quickly respond to delegated work.
• Communicate, document, and share your findings.
• Stay updated on the latest malware and security threats.
• Perform penetration tests and security validation on software libraries, firmware/hardware, embedded systems, computer systems, networks and applications.

What you’ll bring:

• Outstanding interpersonal abilities, and strong written and verbal communication skills.
• Fluent in English, both written and spoken.
• Bachelor's degree or a combination of education and 3 years of experience.
• Stress resistant & able to keep a clear focus on resolution in an incident-context.
• Hands-on experience in pentesting, security testing, and vulnerability assessments.
• A strong understanding of the (Ethical) Hacker culture.
• Attention to detail, analytical and problem-solving capabilities.
• Able to independently find solutions to both technical and non-technical problems.
• Flexible working hours, willing to take part in a 24x7 support organisation.
• Positive service-oriented personality.
• Proven technology skills.
• Knowledge of, or experience with, four or more of the following: Web application security, Mobile application security, Network security, Game hacking, Embedded systems and FPGAs, Binary exploitation, SIEM, SOAR and observability solutions, Operating system or driver hacking.

Nice to haves:

• Your very own bug bounty profile.
• Personal security research or disclosed vulnerabilities.
• OSCP, OSED, eJPT, CEPT, CPTS, CRTO, or other relevant certifications.

What is in it for you?

• Competitive salary.
• 26 days of annual leave and Bank Holidays.
• Top-notch Private Healthcare and Health Cash Plan.
• Hybrid working model.
• Initial home office budget.
• 2-month work abroad policy.
• Great training and yearly learning budget.
• Employer pension scheme.
• Enhanced maternity pay.
• Social activities and team outings.
• Referral bonus.
• Employee Assistance Program.
• Great hardware and access to the best tools to be successful in your role.
• Mobile subscription contribution.

Why join us?

• The security industry is fast-paced and continues to grow even during times of economic uncertainty.
• We provide a clear career path and learning budget to help set you up for success.
• Join a company that’s making a real impact. We empower ethical hackers from all backgrounds to earn a living.
• Our international team celebrates individuality and places a strong focus on diversity and inclusion.
• We are the proud winners of the Deloitte Rising Star award in 2020, the Deloitte Fast 50 award in 2021 and Security Innovation of the Year 2025 at the UK IT Industry awards.
• We’re backed by top investors who are enabling us to grow internationally.