Facebook's bug bounty program is seeking a skilled and motivated security analyst to help us secure close to 3 billion users You will be responsible for communicating with and validating security vulnerabilities from a community of security researchers around the globe. You will gain insights of Meta's codebase to understand the root cause of each vulnerability, and have the opportunity to play a key role in one of the largest bug bounty programs in the world.
- Analyze, assess, and respond to various security vulnerabilities we receive as part of our Whitehat program.
-
Follow up with researchers on unclear reports.
-
Understand the root cause of security vulnerabilities to help the product team fix them.
-
Play an active role in continuing to grow and develop the bug bounty program and other internal security and privacy initiatives.
-
Own expansions to the program, including private programs.
-
Own critical submissions to resolution - liaise a plan with product teams, advise on the right mitigation strategy.
-
Implement bug fixes and feature enhancements to the program’s public and internal code base.
-
Good communication skills.
-
Familiarity with web security issues (e.g. OWASP top 10).
-
Ability to follow bug reports, reproduce and triage them.
-
Experience writing in scripting languages and willingness to learn new languages.
-
Participation in bug bounty programs (not necessarily Facebook’s bug bounty program).
-
2+ years of experience analyzing source code to find security vulnerabilities.
-
Contributions to the security community (public research, blogging, presentations, etc).