CrawlJobs Logo

Security Analyst, Bug Bounty

shopify.com Logo

Shopify

Location Icon

Location:
Canada

Category Icon
Category:
IT - Administration

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

Not provided
Save Job
Save Icon
Apply Position

Job Description:

We’re seeking an experienced Security Analyst to join Shopify’s security organization, focused on our Bug Bounty program operations. Shopify powers millions of merchants worldwide—which means a large and dynamic attack surface. You'll work at the intersection of external researchers, internal engineering, and AppSec, turning vulnerability reports into clear, actionable findings that protect Shopify and its merchants. This role is equal parts security analysis, operational excellence, and high-quality communication.

Job Responsibility:

  • Bug bounty report triage quality and timeliness (meet SLOs, keep queues healthy, reduce rework)
  • Reproducing and validating reported security issues (prove exploitability, confirm impact, confirm affected assets, confirm fixes via retest/validation)
  • Writing clear, friendly, high-signal communication to external researchers while representing Shopify well
  • Maintaining meticulous internal documentation and context so issues can be routed and resolved efficiently
  • Using data to quantify performance and program health (queue state, SLOs, throughput, trend reporting)
  • Partnering with AppSec engineering when a report requires deeper engineering expertise
  • Detect, evaluate, and help address security threats to Shopify and its merchants
  • develop security controls and protocols
  • perform security audits
  • conduct vulnerability assessments and penetration tests
  • assist in the creation and implementation of security solutions
  • help mitigate compliance and regulatory risks
  • Solve problems quickly and follow (and improve) the team’s playbooks
  • Be meticulous in documentation and context capture (so others can pick up work without losing time)
  • Use data to investigate emerging risks/trends and translate them into repeatable solutions
  • Mentor teammates, raise the bar, and become the “go-to” expert in at least one area of the program (triage domain, vulnerability class, product area, tooling/workflows, etc.)

Requirements:

  • Strong written communication skills
  • A track record of fast, high-quality problem solving, with good judgment around impact, severity, and next steps
  • Comfort operating in externally-facing workflows with security researchers, representing Shopify professionally and consistently
  • Operational discipline: you follow playbooks, improve them when they’re wrong or incomplete, and turn “institutional knowledge” into documentation
  • High attention to detail in notes, reproduction steps, evidence, and decision rationale
  • A data-informed mindset: you use metrics to quantify your throughput and quality, track trends, and help improve program health over time
  • A growth-and-multiplication approach: you mentor teammates, raise the bar, and develop deep expertise in at least one domain (vuln class, product area, triage workflow/tooling)
  • A strong sense of accountability: you take responsibility for the quality of your interactions and outcomes, and you’re ambitious about improving the security and experience we deliver
  • Strong working knowledge of web application security fundamentals (authn/authz, session management, injection, IDOR, SSRF, XSS, CSRF, access control, multi-tenant risk, etc.)
  • Demonstrated ability to reproduce vulnerability reports reliably and communicate impact precisely
  • Experience doing vulnerability assessment and/or penetration testing (professionally or in a structured program)
  • Strong judgment on severity/impact assessment and how to ask for additional info when needed
  • Comfortable working in operational queues and juggling multiple in-flight investigations without losing quality

Additional Information:

Job Posted:
March 01, 2026

Work Type:
Remote work
Icon
Shopify - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Security Analyst, Bug Bounty

Application Security Analyst

The Checkmarx Security Research group seeks an experienced, detail-oriented Appl...
Location
Location
Israel , Ramat Gan
Salary
Salary:
Not provided
checkmarx.com Logo
Checkmarx
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Passionate about security and keen on growing in the security field
  • 1-2 years of experience as an analyst
  • 1-2 years of experience in a similar role in the security field
  • Familiar with key AppSec concepts, such as understanding security concepts, vulnerabilities, and secure coding practices
  • Have a deep understanding of the OWASP Top 10
  • Experience with Python scripting/programming
  • Familiarity with both interpreted and compiled languages, and the ability to learn new programming languages and technologies independently
  • Basic experience in conducting security research, bug bounties, and Pentesting
  • Excellent writing and oral presentation skills in English
  • Ability to handle multiple requests and work in a fast-paced environment
Job Responsibility
Job Responsibility
  • Assist the SCA analysts in conducting vulnerability analysis of known open-source software vulnerabilities to identify affected libraries and other elements, such as the affected vulnerable code
  • Analyze code containing various security risks & vulnerabilities written in multiple languages/frameworks
  • Analyze results produced by Checkmark’s AST solutions that can include SAST, DAST, IaC, and other engines
  • Supervise the technical components and collaborate with the required teams
  • Engage in proactive interactions with Product and R&D teams to align the security aspect of new features and product enhancements
  • Research ways to improve internal processes and promote relevant Product features
  • Be at the forefront of the Application Security world: Discover and report Application Security trends. Suggest new ideas and write publications on new vulnerabilities and relevant topics
  • Develop Python scripts and tools for research purposes and automation
What we offer
What we offer
  • Great work environment
  • professional development
  • challenging careers
  • competitive compensation
  • great work-life balance
  • great benefits and perks throughout the year
  • Fulltime
Read More
Arrow Right

Senior Application Security Engineer

The Security team at Zip is responsible for protecting the confidentiality and i...
Location
Location
United States , San Francisco
Salary
Salary:
160000.00 - 220000.00 USD / Year
ziphq.com Logo
Zip
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Experience writing production-quality code for security tooling and services
  • Strong written and verbal communication with internal and external stakeholders
  • A solid understanding of security risks and the ability to balance security with business requirements
  • Experience with web applications, APIs, and cloud environments. At Zip, our stack includes Python, React, GraphQL, Kubernetes, and AWS
Job Responsibility
Job Responsibility
  • Design and implement technical controls to eliminate or mitigate classes of security vulnerabilities
  • Support the development of secure products through design reviews, threat models, static/dynamic scans, and hands-on security assessments
  • Validate, triage, and coordinate security findings from bug bounty and third party pentests
  • Mentor security analysts and security champions on security best practices and techniques
What we offer
What we offer
  • Start-up equity
  • Full health, vision & dental coverage
  • Catered lunches & dinners for SF employees
  • Commuter benefit
  • Team building events & happy hours
  • Flexible PTO
  • Apple equipment plus home office budget
  • 401k plan
  • Fulltime
Read More
Arrow Right

Application Security Analyst

The Checkmarx Security Research group seeks an experienced, curious, detail-orie...
Location
Location
Portugal , Braga
Salary
Salary:
Not provided
checkmarx.com Logo
Checkmarx
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Passionate about security and keen on growing in the security field
  • 1-2 years of experience as an analyst or researcher
  • 1-2 years of experience in a similar role in the security field
  • Familiar with key AppSec concepts, such as understanding security concepts, vulnerabilities, and secure coding practices
  • Have a deep understanding of the OWASP Top 10
  • Experience with Python scripting/programming
  • Familiarity with both interpreted and compiled languages, and the ability to learn new programming languages and technologies independently
  • Basic experience in conducting security research, bug bounties, and Pentesting
  • Excellent writing and oral presentation skills in English
  • Customer-oriented mindset and driven by innovation
Job Responsibility
Job Responsibility
  • Analyze source code containing various security risks & vulnerabilities written in multiple languages/frameworks
  • Analyze results produced by Checkmark’s AST solutions that can include SAST, DAST, IaC, and other engines
  • Collaborate with other areas in the group, such as SCA and SCS
  • Supervise required technical components and collaborate with the required teams
  • Engage in proactive interactions with Product and R&D teams to align the security aspect of new features and product enhancements
  • Research ways to improve internal processes and promote relevant product features
  • Be at the forefront of the Application Security world: Discover and report Application Security trends. Suggest new ideas and write publications on new vulnerabilities and relevant topics
  • Develop Python scripts and tools for research purposes and automation
  • Leverage the latest technological trends for optimizing processes, including AI
What we offer
What we offer
  • Great work environment
  • professional development
  • challenging careers
  • competitive compensation
  • great work-life balance
  • great benefits and perks throughout the year
  • Fulltime
Read More
Arrow Right

Cyber Security Analyst

We are looking for a Lead Cybersecurity Analyst who can take ownership of the or...
Location
Location
Canada , Montréal
Salary
Salary:
Not provided
Farenexus
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Experience in cloud and application security, with hands-on AWS production environments
  • Strong knowledge of Java (Spring/Spring Boot) and frontend security (Vue.js)
  • Solid understanding of MySQL security and data protection
  • Experience with risk assessment, vulnerability management, and incident response
  • Working knowledge of DPAs, BCP/DR, VAPT, and bug bounty programs
  • Relevant security or cloud certifications such as AWS Security Specialty, CISSP, CISM, or similar
  • Experience with containerized workloads and Kubernetes security
  • Familiarity with modern authentication and authorization approaches such as OAuth2 and OpenID Connect
  • Experience working in agile or Descopes environments
Job Responsibility
Job Responsibility
  • Define and maintain the organization’s security strategy, policies, standards, and architecture principles
  • Act as a security advisor to engineering, product, and leadership teams, ensuring alignment with business and regulatory requirements
  • Design and govern secure AWS architectures, including IAM, networking, and core AWS security services
  • Continuously assess cloud environments and drive remediation of security risks and misconfigurations
  • Lead application security reviews, threat modeling, and risk assessments for Java based backend services and Vue.js frontend applications
  • Embed security into the SDLC through secure coding practices, CI/CD security controls, and vulnerability management
  • Define and enforce data and database security controls, including encryption, access management, and auditing
  • Support compliance, audits, DPAs, BCDR planning, vulnerability assessments, and penetration testing activities
  • Lead incident response processes, security monitoring, and post-incident improvement initiatives
  • Collaborate with engineering and DevOps teams to promote a security-by-design culture and provide practical security guidance
What we offer
What we offer
  • Competitive compensation, benefits, and opportunities for growth
Read More
Arrow Right
New

Restaurant Shift Supervisor

As a Service Leader, you will be responsible for achieving guest satisfaction th...
Location
Location
United States , Blaine
Salary
Salary:
18.00 - 19.00 USD / Hour
perkinsrestaurants.com Logo
Perkins Restaurant & Bakery
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Basic skills such as sanitation, safety, and customer service taught through in-house training
  • Trustworthy
  • can be relied upon to deal with payment of guest checks and operate cash register
  • Must be able to communicate clearly
  • Must be able to coordinate multiple tasks simultaneously
  • Must have high level of mobility/flexibility
  • Must be able to work irregular hours under heavy stress/pressure during peak times
  • Must possess a high level of coordination
  • Must lift and carry serving trays weight up to 20 pounds for distances up to 30 feet
  • Must be able to fit through an opening 30” wide
Job Responsibility
Job Responsibility
  • Ensures that all guests are properly greeted, seated, and served
  • Accountable for proper resolution of all guest complaints
  • Accountable for proper handling of cash, credit card information, gift cards and all things related to the payment of guest checks
  • Ensures proper control of the facility and equipment through preventive maintenance, repairs, security measures, and adherence to safety and sanitation requirements
  • Monitors and oversees food temperatures during hot and cold handling to reduce the incidence of risk factors known to cause food borne illness
  • Trains employees during shift to guarantee proper and productive performance
  • Takes responsibility and verifies that all menu items are prepared and served according to standards
  • Anticipates, identifies and corrects system breakdowns to achieve maximum guest satisfaction
  • Communicates with Manager on Duty and coworkers regarding product/service deficiencies, equipment, safety problems, etc.
  • Responsible for change fund, cash register, and guest check control
What we offer
What we offer
  • Educational Assistance with DeVry University with complimentary laptop
  • Immediate Family Members are also eligible
  • Competitive Pay with Service Award Incentive
  • Get paid daily through Daily Pay
  • Comprehensive Health Benefits including Medical, Dental, Vision, and more
  • 401(k) retirement savings with company match
  • Flexible Schedule
  • All you can eat pancakes + meal discounts
  • Employee Discount Program
  • Development Pathway
  • Parttime
Read More
Arrow Right
New

District Support Pharmacist Full Time

We’re building a world of health around every individual — shaping a more connec...
Location
Location
United States , Reading
Salary
Salary:
60.00 - 76.00 USD / Hour
https://www.cvshealth.com/ Logo
CVS Health
Expiration Date
May 28, 2026
Flip Icon
Requirements
Requirements
  • Active Pharmacist License in the state where the Store is located
  • Active National Provider Identifier (NPI)
  • Not on the DEA Excluded Parties list
Job Responsibility
Job Responsibility
  • Living our purpose by helping to manage and improve patient health through safe and appropriate dispensing, counseling, and immunizing practices
  • Traveling the district to fill pharmacist shifts as scheduled by the District Performance Coordinator (DPC)
  • overseeing the pharmacy and serving as the Pharmacy Manager's proxy during bench shifts without overlap
  • Supporting safe and accurate prescription fulfillment by following—and directing the pharmacy team to follow—pharmacy workflow procedures and utilizing the safety guardrails at every workstation
  • Assumes Pharmacy Manager's day-to-day duties when serving as the only or the primary pharmacist-on-duty
  • Contributing to positive patient experiences by showing empathy and genuine care and coaching the pharmacy team to do the same: demonstrating compassionate care, collaborating with the patient's total healthcare team, and proactively resolving insurance and/or medication issues
  • Proactively offering and delivering immunizations to keep patients healthy
  • engaging and supporting Pharmacy Technicians to learn to immunize
  • Supporting the effective management of pharmacy inventory in all pharmacies worked by following—and guiding the pharmacy team to follow—all inventory best practices, with a special focus on protecting cold chain products for our patients and our business
  • Remaining flexible for both scheduling and business needs, while contributing to a safe, inclusive, and engaging team dynamic
What we offer
What we offer
  • medical
  • dental
  • vision coverage
  • paid time off
  • retirement savings options
  • wellness programs
  • Fulltime
Read More
Arrow Right
New

Account Relationship Representative

Our client is seeking an Account Relationship Representative in Billings, MT to ...
Location
Location
United States , Billings
Salary
Salary:
62000.00 - 72000.00 USD / Year
bemana.us Logo
Bemana
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • High School Diploma or equivalent required
  • 2+ years of relevant sales or customer service experience
  • Familiarity with Epicor Prophet 21 (P21) or similar ERP systems (preferred)
  • Clear and professional verbal and written communication skills
  • Strong interpersonal skills with ability to build trust at all levels, including executives
  • Excellent time management, organization, and attention to detail
  • Confident presenting information to groups and customers
Job Responsibility
Job Responsibility
  • Serve as a key resource for assigned accounts, providing prompt and effective support
  • Respond to customer issues, inquiries, and requests in a professional and timely manner
  • Collaborate with the outside sales team to identify opportunities and meet/exceed monthly sales goals
  • Support and implement vendor-managed inventory (VMI) programs at customer sites
  • Operate and maintain inventory systems
  • Ensure accurate tracking, organization, labeling, and cleanliness of managed inventory
  • Manage min/max product quantities and assist in cross-referencing products for VMI programs
  • Identify unprofitable inventory and recommend adjustments to align with business objectives
  • Enter and manage quotes and orders in the ERP system or through collaboration with Customer Service
  • Research, prepare, and follow through on customer quotes using branch and company resources
What we offer
What we offer
  • Quarterly bonus incentive
  • Vehicle Stipend
  • Comprehensive benefits package
  • Highly flexible unlimited PTO policy
  • Fulltime
Read More
Arrow Right
New

Optical Assistant

As an Optical Assistant you will be a fundamental part of our Boots Opticians st...
Location
Location
United Kingdom , Eastbourne
Salary
Salary:
Not provided
boots.com Logo
Boots
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • NVQ level 2 or UK equivalent qualifications
  • minimum 6 months optical experience
  • passion for customer care
  • enthusiasm for learning and personal development
Job Responsibility
Job Responsibility
  • Be the first and last person customers interact with
  • build great relationships with customers
  • order, dispense and collect glasses and contact lenses
  • support with eye-tests and pre-screening activities
  • provide aftercare support through repairs and adjustments
  • complete operational and administrative tasks associated with dispensing prescriptions
  • maintain shop floor standards
What we offer
What we offer
  • Boots Retirement Savings Plan
  • Discretionary quarterly bonus
  • Generous employee discounts
  • Clinical and Non-Clinical Career development opportunities
  • Enhanced maternity/paternity/adoption leave pay and gift card for anyone expecting or adopting a child
  • Flexible benefits scheme
  • Access to free, 24/7 counselling and support through TELUS Health, our Employee Assistance Programme
  • Parttime
Read More
Arrow Right
Remote jobs Jobs by Category
Art and Entertainment Jobs Banking Jobs Call Center Jobs Construction Jobs Consulting Jobs Customer Service Jobs Education Jobs Energy Jobs Finance Jobs Gastronomy Jobs Health and Beauty Jobs Hospitality and Tourism Jobs Human Resources Jobs Insurance Jobs IT - Administration Jobs IT - Software Development Jobs Legal Jobs Logistics Jobs Manufacturing Jobs Marketing, Digital Marketing, SEO, SEM Jobs Media Jobs Nursing Jobs Office Administration Jobs Pharmacy Jobs Physical Work Jobs Public Relations Jobs Public Sector Jobs Purchasing Jobs Quality Control Jobs Real Estate Jobs Research and Development Jobs Sales Jobs
Job Positions Jobs by Country
United States Jobs United Kingdom Jobs India Jobs Canada Jobs Australia Jobs Germany Jobs Ireland Jobs Poland Jobs
Company
Blog Salaries Tools About Us FAQ Contact
Follow Us
Facebook
X (Twitter)
LinkedIn
Instagram
CrawlJobs Group
ITFlashcards AllDevBlogs
© 2026 CrawlJobs Ltd. All Rights Reserved
Terms & Conditions Privacy Policy