Back to job search

Product Vulnerability Analyst

  • Location:

    London

  • Sector:

    Marketing, Creative, Digital & Tech

  • Job type:

    Temporary

  • Salary:

    £21 - £25 per hour

  • Contact:

    Natasha White

  • Contact email:

    natasha@careermovesgroup.co.uk

  • Contact phone:

    020 7758 4300

  • Job ref:

    BH-39433

  • Published:

    11 days ago

  • Duration:

    12 Months

  • Expiry date:

    2021-08-15

  • Startdate:

    2021-07-15

Product Vulnerability Analyst

Location: London

Length: 12 Months

Rate: £20.00 - £25.00 per hour

Hours: 9am – 6pm


Position Description

In this role, the candidate will be responsible for supporting a small team (Abuse Bug Bounty) in identifying threats and vulnerabilities to company products and users before they become significant issues.

Our client is focused  on proactively identifying and surfacing abusive tactics, content, processes, and product features that contribute to system vulnerabilities, poor user experiences, and/or risk for the company.

This requires thinking creatively to develop and conduct tests focusing on user safety, simulating abuse attacks, mapping real user experiences, analyzing and identifying root-causes, and communicating findings in a concise but detailed way. This also requires more advanced technical skills, an analytic and curious mind, excellent and professional communication skills, and a positive attitude to every task.

In this role, a candidate will:
  • Act as the intermediary between the company’s Security Research community and internal Eng Product teams.
  • Assess and reproduce incoming vulnerability reports with regards to impact and probability of each proposed attack scenario against our abuse ’s threat model
  • Translate vulnerabilities into realistic and understandable risk, while providing remediation advice.
  • Communicate clearly and efficiently with company VRP researchers as well as internal Eng Product teams.

Skill/Experience/Education

Mandatory
  • Two years of experience: communicating vulnerabilities and threats to technical and non-technical customers, threat modeling and/or in application-level vulnerability and/or penetration testing and exposing vulnerabilities in software products.
  • Excellent communication skills and ability to respond with empathy to both technical vulnerabilities as well as non-issues.
  • Experience in risk management and ability to prioritize in dynamic work environment Programming experience in Python, C/C++, Java, or Go.
  • Ability to speak and write English fluently and idiomatically, any other language is a plus.
  • Bachelor's degree in Computer Science, Computer Security or Engineering, or equivalent practical experience.
Desired
  • It would be great to have someone with a Certified Ethical Hacker (CEH) or similar industry certification.
  • Additionally, having someone with a demonstrated expertise with malware analysis or cloud would be useful.