Careers

Luta Security has an exciting opportunity for an experienced Lead Security Triage Manager. This Full-Time position begins as an 8–12-week contract role to ensure mutual fit. The ideal candidate will have experience running bug bounty programs and can perform hands-on technical repro for vulnerability reports. They should be comfortable communicating with security researchers and making judgment calls on severity in the context of security impact. They must also be self-directed after learning customer preferences and capable of providing clear, regular updates to Luta Security’s customers.
 
They will provide vulnerability assessment support, focused on performing technical validation on incoming vulnerability disclosure or bug bounty cases. Additional responsibilities include performing research and analyzing current threats and vulnerabilities that may affect the enterprise, writing and clarifying steps to reproduce security bugs, technically validating fixes, and participating in performing focused adversarial assessments. 
 ​
RESPONSIBILITIES

• Own the bug bounty programs of some of the biggest companies in the world

• Lead a team of contractors performing triage and case management

• Provide weekly updates to Luta Security customers

• Calculate bug bounty metrics weekly, monthly, and quarterly

• Own the end-to-end case resolution of incoming security reports, including any additional investigation

• Perform research on current threats and vulnerabilities

• Author security advisories or summaries

• Conduct vulnerability assessments of IT systems

• Other duties as assigned

​
QUALIFICATIONS & SKILLS

Required: 

• Prior experience running a bug bounty program

• Penetration testing skills

• Written and verbal communication skills with an emphasis on explaining security details and impact to developers and other technical personnel who may lack a security background

• A nuanced understanding of Vulnerability Coordination and Disclosure

• Basic familiarity with ISO 29147 and 30111 

• Demonstrated Experience with vulnerability assessment, including expert

​

Experience in at least two of the following areas:

• Vulnerability Assessment

• Intrusion Prevention and Detection

• Access Control and Authorization

• Policy Enforcement

• Application Security

• Protocol Analysis

• Firewall Management

• Incident Response

• Encryption

• Web filtering

• Advanced Threat Protection

​

OUR COMMITMENT TO YOU

Pay Range & Benefits

• Remote workforce - Only within the U.S. (for now) 

• Contract pay range: $50-$100 USD/hour.

• All contracts begin at $50/hour while in training before case responsibilities are assigned.

• $90-$100 USD/hour is the contract pay range once case management duties are assigned and the contractor can act more autonomously after training and onboarding are complete.

• FTE salary range $100,000 - $175,000 USD/yr

• Total FTE PTO is a minimum of 79 days/year via 11 federal holidays, 52 Fridays,

• 16 other vacation days as follows:​

• FTE PTO All Federal and State holidays (11 federal)

• FTE PTO 2 weeks in summer & 2 weeks in winter (M-Thur x 4 = 16 days)

• FTE 4 Day, 32-hour work week (Monday - Thursday), paid time off each Friday (52 days)

• FTE healthcare stipend to cover 100% of monthly health insurance premium

• Growth opportunities in a dynamic environment