Cyber Security Expert

Location: remote-first Job type: full-time Type of contract: permanent

About the job:

Can you imagine a world where business and digital solutions will be truly seamless and where users will help companies to co-create them? Do you want to help us to shape this human-centred world? Welcome to UNGUESS.

UNGUESS is the crowdsourcing platform for effective testing and real insights that enable tech, digital and business leaders to make smarter decisions, faster. How? Unleashing the power of the crowd, a community of highly engaged people all over the world that allows us to bring end-customer insights into the design, development, and testing phases of a product.

Why work at UNGUESS:

At UNGUESS, you’ll have the chance to make an immediate impact in a fast-paced and dynamic environment. We’re growing rapidly and strengthening our market position. Joining us now means stepping into an exciting challenge: one that won’t always be easy, but will undoubtedly be among the most rewarding and fulfilling experiences of your career. You’ll constantly learn, grow, and apply your full skill set across diverse and stimulating projects. UNGUESS Security is the Bug Bounty Platform that enables tech, digital and business leaders to improve the security leveraging a community of hundreds of certified ethical hackers who collaborate, among themselves and with security teams, to find vulnerabilities.

Your mission:

We are looking for a Cyber Security Expert, who will take ownership of our bug bounty programs as a triager and ensure that they are managed at best: on time, with professionalism and to a high standard. Moreover, this role will manage cyber security activities such as penetration testing and code reviews alongside the cyber security team.

Responsibilities:

• Manage and monitor the organization's bug bounty program, ensuring timely triage and resolution of reported vulnerabilities

• Conduct comprehensive penetration tests on web applications, networks, infrastructure, mobile applications, and AI/LLM systems to identify and exploit vulnerabilities

• Collaborate with cross-functional teams to validate and verify reported vulnerabilities, ensuring accurate assessments

• Create comprehensive reports for both internal and external stakeholders, summarizing identified vulnerabilities and recommended corrective actions

• Participate in red teaming exercises and contribute to the enhancement of the organization's overall security strategy

Requirements:

• At least 3 years of experience in Cybersecurity roles

• Strong understanding of common vulnerabilities (OWASP Top 10, etc.) and corresponding mitigation strategies

• Hands-on experience with penetration testing and ethical hacking

• Experience with bug bounty programs and external collaboration with security researchers

• Experience with AI security testing (e.g., prompt injection) is a plus

• Good technical skills with a keen interest in learning methodologies and exploit techniques

• Bachelor's / Master’s degree in Computer Science, Information Security, or a related field is a plus

• Spoken and written Italian and English

• Certifications such as OSCP, OSWE, CPTS, CWES, eCPPT, eWPT or equivalent are a plus

• Relevant references such as CVEs, Hall of Fame recognitions, and participation in bug bounty programs are a plus

Nice to have:

• Communication and interpersonal skills: Be an excellent team player

• Critical thinking and problem-solving skills

• Strong attention to detail

• Enthusiasm to be part of a fast-growing startup on a mission make a safer digital world

• Solution-oriented, constantly looking for ways to make things work better, run smoother and take less time

• Able to showcase proactive tendencies, continuously looking for ways to add and create value

We set high expectations, but we also offer great rewards:

• Compensation: €30,000 to €40,000/year gross salary and competitive MBO bonus - this range is a guideline; we’re first and foremost looking for the right person, the final offer will be shaped around you and reflect your skills and experience.

• Remote work lovers

• Fast-track growth opportunities

• Access to group and personal training programs

Please note that this job advertisement is open to applicants of all genders, in accordance with Laws 903/77 and 125/91.