We are looking for a CSST Analyst to join the Cybersecurity Research & Offensive Security (CROS) team. This role is responsible for managing the day-to-day operations of the Bug Bounty Program, acting as the escalation point for incoming security vulnerabilities and ensuring timely analysis, communication, and remediation.
You will work closely with internal teams and external security researchers, perform vulnerability analysis and root cause investigations, and help drive improvements in processes, tooling, and automation. This is an exciting opportunity for an experienced penetration tester who wants to contribute to the maturity of a global cybersecurity program.
Sounds like your kind of challenge?
responsibilities :
Analyze, assess, and respond to security vulnerabilities reported via the Bug Bounty Program
Reproduce and validate reported vulnerabilities and perform root cause analysis
Communicate effectively with internal teams and external security researchers
Collaborate with stakeholders to explain risks and track remediation progress
Drive improvements in processes, tooling, and automation to enhance program efficiency
Advise on vulnerability remediation, control implementation, and secure development practices
Ensure continuous improvement of the Bug Bounty Program in line with cybersecurity strategy
Note: Detailed project information will be shared during the recruitment process.
requirements-expected :
Strong written and verbal communication skills in English
Ability to clearly articulate technical issues and their business impact
Hands-on experience in penetration testing (at least 4 years)
Expertise in at least one pentest domain (infrastructure, web apps, or mobile)
Solid understanding of platform security models for iOS and Android
Strong knowledge of web and mobile application security risks
Practical experience with manual and automated testing methods
Excellent understanding of TCP/IP, cryptography, and security implications
Proven programming/scripting skills
Ability to work independently and solve complex technical problems
offered :
Flexible cooperation model – choose the form that suits you best (B2B, employment contract, etc.)
Hybrid work setup – remote days available depending on the client’s arrangements
Collaborative team culture – work alongside experienced professionals eager to share knowledge
Continuous development – access to training platforms and growth opportunities
Comprehensive benefits – including Interpolska Health Care, Multisport card, Warta Insurance, and more
High quality equipment – laptop and essential software provided
benefits :
sharing the costs of sports activities
private medical care
sharing the costs of professional training & courses
