At Luta Security, we seek to build a safer, more efficient, and equitable future for all. If you’re looking to join a purpose-driven, nimble team that is both fast-paced and respectful of your time, we’d love to hear from you.
Careers
Luta Security has an exciting opportunity for an experienced Lead Security Triage Manager. This Full-Time position begins as an 8–12-week contract role to ensure mutual fit. The ideal candidate will have experience running bug bounty programs and can perform hands-on technical repro for vulnerability reports. They should be comfortable communicating with security researchers and making judgment calls on severity in the context of security impact. They must also be self-directed after learning customer preferences and capable of providing clear, regular updates to Luta Security’s customers.
They will provide vulnerability assessment support, focused on performing technical validation on incoming vulnerability disclosure or bug bounty cases. Additional responsibilities include performing research and analyzing current threats and vulnerabilities that may affect the enterprise, writing and clarifying steps to reproduce security bugs, technically validating fixes, and participating in performing focused adversarial assessments.
RESPONSIBILITIES-
Own the bug bounty programs of some of the biggest companies in the world
-
Lead a team of contractors performing triage and case management
-
Provide weekly updates to Luta Security customers
-
Calculate bug bounty metrics weekly, monthly, and quarterly
-
Own the end-to-end case resolution of incoming security reports, including any additional investigation
-
Perform research on current threats and vulnerabilities
-
Author security advisories or summaries
-
Conduct vulnerability assessments of IT systems
-
Other duties as assigned
QUALIFICATIONS & SKILLSRequired:
-
Prior experience running a bug bounty program
-
Penetration testing skills
-
Written and verbal communication skills with an emphasis on explaining security details and impact to developers and other technical personnel who may lack a security background
-
A nuanced understanding of Vulnerability Coordination and Disclosure
-
Basic familiarity with ISO 29147 and 30111
-
Demonstrated Experience with vulnerability assessment, including expert
Experience in at least two of the following areas:
-
Vulnerability Assessment
-
Intrusion Prevention and Detection
-
Access Control and Authorization
-
Policy Enforcement
-
Application Security
-
Protocol Analysis
-
Firewall Management
-
Incident Response
-
Encryption
-
Web filtering
-
Advanced Threat Protection
OUR COMMITMENT TO YOU
Pay Range & Benefits
-
Remote workforce - Located in the U.S. and must be eligible to work in the U.S. without sponsorship (for now)
-
Contract pay range: $50-$100 USD/hour.
-
All contracts begin at $50/hour while in training before case responsibilities are assigned.
-
$90-$100 USD/hour is the contract pay range once case management duties are assigned and the contractor can act more autonomously after training and onboarding are complete.
-
FTE salary range $100,000 - $175,000 USD/yr
-
Total FTE PTO is a minimum of 79 days/year via 11 federal holidays, 52 Fridays,
-
16 other vacation days as follows:
-
FTE PTO All Federal and State holidays (11 federal)
-
FTE PTO 2 weeks in summer & 2 weeks in winter (M-Thur x 4 = 16 days)
-
FTE 4 Day, 32-hour work week (Monday - Thursday), paid time off each Friday (52 days)
-
FTE healthcare stipend to cover 100% of monthly health insurance premium
-
Growth opportunities in a dynamic environment
-
Luta Security has an exciting opportunity for Security Program Managers. This contract position will provide vulnerability coordination support, focused on managing incoming vulnerability disclosure and bug bounty submissions from beginning to end with all associated internal and external teams. Additional responsibilities include documentation of Standard Operating Procedures (SOPs).
This is a contract role with up to 10 hours per week to start. There is a possibility of a full-time contract role or full-time employment in the future.
RESPONSIBILITIES
-
Owning end-to-end case management of incoming security reports
-
Standard Operating Procedure (SOP) documentation
-
Other duties as assigned
QUALIFICATIONS & SKILLS
Required:
-
At least 3 years of program management experience (security PM experience preferred, but technology or IT program managers will also be considered)
-
Firm understanding of Vulnerability Coordination and Disclosure
-
Familiarity with ISO 29147 and 30111
-
Demonstrated Experience with vulnerability assessment, including expert experience in at least two of the following areas:
-
Vulnerability Assessment
-
Intrusion Prevention and Detection
-
Access Control and Authorization
-
Policy Enforcement
-
Application Security
-
Protocol Analysis
-
Firewall Management
-
Incident Response
-
Encryption
-
Web filtering
-
Advanced Threat Protection
-
-
Luta Security has an exciting opportunity for Security Triage Managers. This contract position will provide vulnerability assessment support, focused on performing technical validation on incoming vulnerability disclosure or bug bounty cases. Additional responsibilities include performing research and analyzing current threats and vulnerabilities that may affect the enterprise, writing and clarifying steps to reproduce security bugs, technically validating fixes, and participating in performing focused adversarial assessments.
This is a contract role with up to 10 hours per week to start. There is a possibility of a full-time contract role or full-time employment in the future.
RESPONSIBILITIES-
Owning end-to-end case resolution of incoming security reports, including any additional investigation
-
Perform research on current threats and vulnerabilities
-
Author security advisories
-
Manage enterprise vulnerability compliance
-
Conduct vulnerability assessments of IT systems
-
Other duties as assigned
QUALIFICATIONS & SKILLS
Required-
Penetration testing skills
-
Written and verbal communication skills with an emphasis on explaining security details and impact to developers and other technical personnel who may lack a security background
-
Basic understanding of Vulnerability Coordination and Disclosure
-
Basic familiarity with ISO 29147 and 30111
-
Demonstrated Experience with vulnerability assessment, including expert experience in at least two of the following areas:
-
Vulnerability Assessment
-
Intrusion Prevention and Detection
-
Access Control and Authorization
-
Policy Enforcement
-
Application Security
-
Protocol Analysis
-
Firewall Management
-
Incident Response
-
Encryption
-
Web filtering
-
Advanced Threat Protection
-
-
We are looking for both contractors and contract-to-perm full-time employees.
Open Positions
To apply, send your resume and cover letter and which position you're applying to from the list above to careers@lutasecurity.com
Interested?
Our Commitment to Diversity, Equity & Inclusion
Our Commitment to Diversity, Equity & Inclusion
Our founder is committed to achieving pay equity in our lifetime across every industry.
To move us as a society towards that goal, she created the Pay Equity Now Foundation. At Luta Security, we’ve taken the Pay Equity Now Pledge, and we encourage you as a worker to insist upon pay equity for all genders and races wherever you choose to work, even if it’s not with us.
Luta Security is committed to equal treatment and opportunity in all aspects of recruitment, selection, and employment without regard to race, color, religion, national origin, ethnicity, age, sex, marital status, physical or mental disability, gender identity, sexual orientation, veteran or military status, or any other category protected under the law.
Luta Security is an equal opportunity employer; committed to creating a community of respect, inclusion, pay equity, and an environment free from discrimination, harassment, and retaliation.