Chess.com is the #1 place on the internet to play chess and improve your game. We have members in 195 countries and appear in 70+ languages. We are looking for a Security Engineer to join and help protect our 70+ million members. In this role you will use your coding and analysis skills alongside the security team to proactively identify and close security vulnerabilities through our Bug Bounty program.
You are resourceful and tactical in your abilities to identify problems and solve them seamlessly. You have experience in cybersecurity and expert quick-thinking abilities to foresee issues before they arise. You are humble with a sense of humor and don’t take yourself too seriously. You have been working in or dreamed of working in the gaming industry and are ready to turn your talents towards chess!
What You’ll Do
- Triage, reproduce, and assess vulnerability reports submitted through the Bug Bounty program
- Fix security vulnerabilities surfaced by Bounty reports, or work with other developers to get the issues fixed
- Identify patterns or systemic security problems and help us design clean solutions
- 2+ years professional experience in web application security
- Strong written communication skills in English
- Familiarity with Burp or similar tools for viewing and tampering with web requests
- Prior experience with a Bug Bounty program is a big plus
- Experience in PHP or JS
- Strong collaboration and communication skills working in a fully distributed team
- Sense of ownership and responsibility
- Chess player
- Lifelong learner
About the Opportunity
- This is a full time or equivalent position
- We are 100% remote (work from anywhere!)
- This is open to applicants from anywhere!
You can learn more about us here:
We look forward to meeting you!