CrawlJobs Logo

Security Analyst, Bug Bounty

shopify.com Logo

Shopify

Location Icon

Location:
Canada

Category Icon
Category:
IT - Administration

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

Not provided
Save Job
Save Icon
Apply Position

Job Description:

We’re seeking an experienced Security Analyst to join Shopify’s security organization, focused on our Bug Bounty program operations. Shopify powers millions of merchants worldwide—which means a large and dynamic attack surface. You'll work at the intersection of external researchers, internal engineering, and AppSec, turning vulnerability reports into clear, actionable findings that protect Shopify and its merchants. This role is equal parts security analysis, operational excellence, and high-quality communication.

Job Responsibility:

  • Bug bounty report triage quality and timeliness (meet SLOs, keep queues healthy, reduce rework)
  • Reproducing and validating reported security issues (prove exploitability, confirm impact, confirm affected assets, confirm fixes via retest/validation)
  • Writing clear, friendly, high-signal communication to external researchers while representing Shopify well
  • Maintaining meticulous internal documentation and context so issues can be routed and resolved efficiently
  • Using data to quantify performance and program health (queue state, SLOs, throughput, trend reporting)
  • Partnering with AppSec engineering when a report requires deeper engineering expertise
  • Detect, evaluate, and help address security threats to Shopify and its merchants
  • develop security controls and protocols
  • perform security audits
  • conduct vulnerability assessments and penetration tests
  • assist in the creation and implementation of security solutions
  • help mitigate compliance and regulatory risks
  • Solve problems quickly and follow (and improve) the team’s playbooks
  • Be meticulous in documentation and context capture (so others can pick up work without losing time)
  • Use data to investigate emerging risks/trends and translate them into repeatable solutions
  • Mentor teammates, raise the bar, and become the “go-to” expert in at least one area of the program (triage domain, vulnerability class, product area, tooling/workflows, etc.)

Requirements:

  • Strong written communication skills
  • A track record of fast, high-quality problem solving, with good judgment around impact, severity, and next steps
  • Comfort operating in externally-facing workflows with security researchers, representing Shopify professionally and consistently
  • Operational discipline: you follow playbooks, improve them when they’re wrong or incomplete, and turn “institutional knowledge” into documentation
  • High attention to detail in notes, reproduction steps, evidence, and decision rationale
  • A data-informed mindset: you use metrics to quantify your throughput and quality, track trends, and help improve program health over time
  • A growth-and-multiplication approach: you mentor teammates, raise the bar, and develop deep expertise in at least one domain (vuln class, product area, triage workflow/tooling)
  • A strong sense of accountability: you take responsibility for the quality of your interactions and outcomes, and you’re ambitious about improving the security and experience we deliver
  • Strong working knowledge of web application security fundamentals (authn/authz, session management, injection, IDOR, SSRF, XSS, CSRF, access control, multi-tenant risk, etc.)
  • Demonstrated ability to reproduce vulnerability reports reliably and communicate impact precisely
  • Experience doing vulnerability assessment and/or penetration testing (professionally or in a structured program)
  • Strong judgment on severity/impact assessment and how to ask for additional info when needed
  • Comfortable working in operational queues and juggling multiple in-flight investigations without losing quality

Additional Information:

Job Posted:
March 01, 2026

Work Type:
Remote work
Icon
Shopify - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Security Analyst, Bug Bounty

Application Security Analyst

The Checkmarx Security Research group seeks an experienced, detail-oriented Appl...
Location
Location
Israel , Ramat Gan
Salary
Salary:
Not provided
checkmarx.com Logo
Checkmarx
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Passionate about security and keen on growing in the security field
  • 1-2 years of experience as an analyst
  • 1-2 years of experience in a similar role in the security field
  • Familiar with key AppSec concepts, such as understanding security concepts, vulnerabilities, and secure coding practices
  • Have a deep understanding of the OWASP Top 10
  • Experience with Python scripting/programming
  • Familiarity with both interpreted and compiled languages, and the ability to learn new programming languages and technologies independently
  • Basic experience in conducting security research, bug bounties, and Pentesting
  • Excellent writing and oral presentation skills in English
  • Ability to handle multiple requests and work in a fast-paced environment
Job Responsibility
Job Responsibility
  • Assist the SCA analysts in conducting vulnerability analysis of known open-source software vulnerabilities to identify affected libraries and other elements, such as the affected vulnerable code
  • Analyze code containing various security risks & vulnerabilities written in multiple languages/frameworks
  • Analyze results produced by Checkmark’s AST solutions that can include SAST, DAST, IaC, and other engines
  • Supervise the technical components and collaborate with the required teams
  • Engage in proactive interactions with Product and R&D teams to align the security aspect of new features and product enhancements
  • Research ways to improve internal processes and promote relevant Product features
  • Be at the forefront of the Application Security world: Discover and report Application Security trends. Suggest new ideas and write publications on new vulnerabilities and relevant topics
  • Develop Python scripts and tools for research purposes and automation
What we offer
What we offer
  • Great work environment
  • professional development
  • challenging careers
  • competitive compensation
  • great work-life balance
  • great benefits and perks throughout the year
  • Fulltime
Read More
Arrow Right

Senior Application Security Engineer

The Security team at Zip is responsible for protecting the confidentiality and i...
Location
Location
United States , San Francisco
Salary
Salary:
160000.00 - 220000.00 USD / Year
ziphq.com Logo
Zip
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Experience writing production-quality code for security tooling and services
  • Strong written and verbal communication with internal and external stakeholders
  • A solid understanding of security risks and the ability to balance security with business requirements
  • Experience with web applications, APIs, and cloud environments. At Zip, our stack includes Python, React, GraphQL, Kubernetes, and AWS
Job Responsibility
Job Responsibility
  • Design and implement technical controls to eliminate or mitigate classes of security vulnerabilities
  • Support the development of secure products through design reviews, threat models, static/dynamic scans, and hands-on security assessments
  • Validate, triage, and coordinate security findings from bug bounty and third party pentests
  • Mentor security analysts and security champions on security best practices and techniques
What we offer
What we offer
  • Start-up equity
  • Full health, vision & dental coverage
  • Catered lunches & dinners for SF employees
  • Commuter benefit
  • Team building events & happy hours
  • Flexible PTO
  • Apple equipment plus home office budget
  • 401k plan
  • Fulltime
Read More
Arrow Right
New

Insights Manager

We are seeking a highly driven and business-oriented Insights Manager to lead In...
Location
Location
Egypt , Cairo
Salary
Salary:
Not provided
coca-colahellenic.com Logo
Coca-Cola HBC
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • University degree in Business, Economics, Statistics, Finance, Mathematics, or related fields
  • Proven experience in Insights, Business Analytics, or Market Research, with strong exposure to commercial environments
  • Demonstrated ability to lead teams and influence cross-functional stakeholders
  • Strong analytical thinking and data storytelling capabilities
  • Excellent communication, collaboration, and stakeholder management skills
  • Ability to thrive in a fast-paced, dynamic, and evolving business environment
Job Responsibility
Job Responsibility
  • Connect insights across sales performance, execution of KPIs, customer universe, numeric distribution, cooler metrics, route-to-market efficiency, and competitive intelligence to provide a holistic business view
  • Work closely with Sales, RTM, RGM, Marketing, Supply Chain, and BI to embed insights into day-to-day decisions as well as long-term plans
  • Partner with commercial leaders to diagnose performance gaps, identify whitespace opportunities, and recommend corrective actions at regional, channel, and customer levels
  • Translate complex analytical findings into simple, clear stories tailored to different stakeholders
  • Lead and mentor a team of senior and junior analysts organized by regions and functional pillars, ensuring high-quality outputs and timely delivery
  • Build internal capabilities across analytics, data storytelling, market understanding, and tool proficiency
  • Foster a culture of curiosity, ownership, and continuous improvement within the team
  • Lead deep-dive analyses on distribution, execution, cooler productivity, customer coverage, and sales performance to uncover root causes and improvement levers
  • Implement systematic monitoring routines to track execution KPIs, identify early warning signals, and evaluate the impact of commercial initiatives
  • Champion data-driven routines across the organization by making insights accessible, actionable, and aligned with business priorities
What we offer
What we offer
  • Development opportunities
  • Flexible Time
  • IT Equipment
  • Medical Insurance
  • Free product quota
  • Supportive team
  • Work from home
Read More
Arrow Right
New

Lead Business Execution Consultant- Business Resiliency

Wells Fargo is seeking a Lead Business Execution Consultant to support Business ...
Location
Location
United States , SAINT LOUIS; CHARLOTTE
Salary
Salary:
Not provided
https://www.wellsfargo.com/ Logo
Wells Fargo
Expiration Date
March 03, 2026
Flip Icon
Requirements
Requirements
  • 5+ years of Business Execution, Implementation, or Strategic Planning experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education
  • Enterprise Resiliency Certification (ERC)
  • Business continuity, disaster recovery, or enterprise resiliency program experience
  • Strong analytical skills with the ability to interpret data and identify trends
  • Effective written and verbal communication skills across all organizational levels
  • Demonstrated ability to influence stakeholders and guide cross‑functional discussions
  • Experience managing multiple priorities in a fast‑paced, risk‑focused environment
  • Proven ability to plan, execute, and document tests, exercises, or large‑scale initiatives
  • Intermediate to advanced Microsoft Office skills (Excel, PowerPoint, Word, SharePoint)
  • Experience with enterprise resiliency or operational risk tools
Job Responsibility
Job Responsibility
  • Lead cross functional teams to strategize, plan, and execute a variety of programs, services and initiatives
  • Drive accountability for assigned initiatives, limit risk exposure, and create efficiencies as appropriate
  • Review strategic approaches and effectiveness of support function and business performance
  • Perform assessments through fact finding and data requiring creative approaches to solving complex issues, and develop appropriate solutions or recommendations
  • Make decisions in highly complex and multifaceted situations requiring solid understanding of business group's functional area or products, facilitate decision making and issue resolution, and support implementation of developed solutions and plans
  • Collaborate and consult with members of the Business Execution team and team leaders to drive strategic initiatives
  • Influence, guide and lead less experienced Strategy and Execution staff within the group
  • Provide subject matter expertise in line of business policies/procedures related to business continuity planning activities
  • Maintain and enhance strong relationships with a variety of partner groups (e.g. EBR, EIM, Control teams, and WIM business leaders.) in support of BCP
  • Serve as BCP subject matter expert for new business product capabilities (RANBI) and Third-Party Inherent Risk Questionnaire (IRQ)
  • Fulltime
!
Read More
Arrow Right
New

Salesforce Marketing Cloud Architect

Our company is seeking an experienced Salesforce Marketing Cloud Architect to le...
Location
Location
United States , Enola
Salary
Salary:
Not provided
https://www.roberthalf.com Logo
Robert Half
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Minimum 8–10 years of relevant digital marketing experience
  • 2+ years hands-on work with Salesforce Marketing Cloud
  • 8+ years in lifecycle/retention marketing
  • 5–8 years in leadership/management roles
  • Deep technical understanding of CRM systems, APIs, data structures, and integration best practices
  • Proven ability to execute cross-channel marketing campaigns and architect digital marketing solutions
  • Expertise in data management, compliance, and segmentation
  • Advanced interpersonal and project management skills
  • Strong communication skills—convey complex technical information to non-technical stakeholders
  • Ability to synthesize industry research and build persuasive presentations
Job Responsibility
Job Responsibility
  • Lead the architecture and execution of marketing automation via Salesforce Marketing Cloud (Journey Builder, Email Studio, etc.)
  • Develop multichannel customer journey strategies spanning email, SMS, web, social, and more
  • Collaborate closely with channel strategists across SMS, mobile, web, paid media, social, and direct mail
  • Oversee digital campaign strategy and execution, including lead generation and lifecycle marketing
  • Ensure seamless integration between Marketing Cloud and other critical business systems
  • Manage digital data, segmentation, and privacy compliance
  • Partner with marketing, digital engagement, digital experience, and analytics teams to deliver data-driven, personalized experiences
  • Provide technical guidance and strategic direction for Salesforce Marketing Cloud capabilities
  • Analyze campaign results and recommend improvements, testing, and optimizations
  • Lead digital projects and prioritization, including Marketing Cloud site, platform, and personalization engine enhancements
What we offer
What we offer
  • medical, vision, dental, and life and disability insurance
  • eligible to enroll in our company 401(k) plan
Read More
Arrow Right
New

Conference Producer

We are hiring 2 Conference Producers to join our growing Consumer Portfolio. The...
Location
Location
United Kingdom
Salary
Salary:
Not provided
kisacoresearch.com Logo
Kisaco Research
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Graduated/graduating with a 2:1 or above
  • Analytical, commercially minded and dynamic
  • Ability to articulate and present complex information in an engaging and simple way
  • Great communication skills both written and verbal
  • English Fluency
  • Right to work in the UK
  • Ability to write crisp engaging copy for a consumer business audience
  • Highly organised, methodical, and process driven
  • High level of attention to detail
Job Responsibility
Job Responsibility
  • Conduct in-depth market research and analysis to create relevant, commercially viable events
  • Collaborate with industry experts and thought leaders to develop engaging agendas
  • Develop ideas for creative digital content to support commercial campaign
  • Identify and recruit high-profile speakers and moderators
  • Work with the marketing campaign manager to identify appropriate marketing channels
  • Identify potential sponsors and work with the Commercial Partnerships Manager
  • Work with speakers, consultants, journalists, and other information providers to source and repurpose materials for content marketing
  • Build identity and create buzz around each event with the marketer through social media including LinkedIn
  • Develop and manage budgets for each conference
  • Work closely with cross functional teams to ensure seamless execution
What we offer
What we offer
  • £100 personal development budget
  • £200 personal wellness budget
  • Hybrid working (3 days in office, 2 from home)
  • Access to the best Tech – including Gong and Sales Navigator
  • 25 days of annual leave (in addition to bank holidays)
  • An additional day off for your birthday each year
  • 1 extra day of annual leave per year up to 30 days total
  • Regular social and charitable events and annual Summer & Christmas parties
  • Fulltime
Read More
Arrow Right
New

Housekeeper

Interested in a great job as a housekeeper in Kampenhout? Full-time, flexible ho...
Location
Location
Belgium , Kampenhout
Salary
Salary:
14.67 - 15.53 EUR / Hour
https://www.randstad.com Logo
Randstad
Expiration Date
June 29, 2026
Flip Icon
Requirements
Requirements
  • You can easily travel within Kampenhout.
  • You want a permanent job with job security.
  • You have a passion for making spaces shine.
  • You are someone who always arrives on time.
  • You can work independently.
  • Experience or training in cleaning? That's a plus!
Job Responsibility
Job Responsibility
  • Cleaning the home,
  • Ironing,
  • Washing windows.
What we offer
What we offer
  • Full-time, flexible hours, a permanent contract after 3 months
Read More
Arrow Right
New

Data Center Technician

We are looking for an experienced Data Center Technician to join our team in Ash...
Location
Location
United States , Ashburn
Salary
Salary:
Not provided
https://www.roberthalf.com Logo
Robert Half
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Minimum of 2 years of experience in a similar role
  • Proficiency in Network Operations Center (NOC) procedures and practices
  • Hands-on experience with cable assemblies and installation
  • Familiarity with Microsoft and Cisco hardware systems
  • Knowledge of Storage Area Network (SAN) technologies
  • Ability to interpret technical schematics and drawings
  • Strong organizational skills for tracking inventory and managing procurement
  • Excellent communication skills to interface with various teams and stakeholders
Job Responsibility
Job Responsibility
  • Oversee infrastructure installation requests from initiation through completion, ensuring all objectives are met
  • Conduct certifications of network connections and peripherals prior to deployment
  • Coordinate with contractors to manage power remediation projects and ensure Service Levels are consistently achieved
  • Provide detailed project estimates, interpreting schematics and drawings, and documenting requirements through collaboration with IT and project management teams
  • Handle the creation, approval monitoring, and closure of work tickets and TCMs
  • Assist in rack-level capacity management and monitor infrastructure performance
  • Participate in meetings related to infrastructure projects and provide input on ongoing initiatives
  • Generate Root Cause Analysis reports for power issues and implement corrective measures
  • Manage infrastructure installations, including power surveys, cabling setups, and new data center build-outs
  • Oversee equipment procurement processes, including ordering materials, tracking purchase orders, and managing inventory
What we offer
What we offer
  • medical, vision, dental, and life and disability insurance
  • eligible to enroll in our company 401(k) plan
Read More
Arrow Right
Jobs by Category
Art and Entertainment Jobs Banking Jobs Call Center Jobs Construction Jobs Consulting Jobs Customer Service Jobs Education Jobs Energy Jobs Finance Jobs Gastronomy Jobs Health and Beauty Jobs Hospitality and Tourism Jobs Human Resources Jobs Insurance Jobs IT - Administration Jobs IT - Software Development Jobs Legal Jobs Logistics Jobs Manufacturing Jobs Marketing, Digital Marketing, SEO, SEM Jobs Media Jobs Nursing Jobs Office Administration Jobs Pharmacy Jobs Physical Work Jobs Public Relations Jobs Public Sector Jobs Purchasing Jobs Quality Control Jobs Real Estate Jobs Research and Development Jobs Sales Jobs
Job Positions Jobs by Country
United States Jobs United Kingdom Jobs India Jobs Canada Jobs Australia Jobs Germany Jobs Ireland Jobs Poland Jobs
Company
Blog About Us Contact
Follow Us
Facebook
X (Twitter)
LinkedIn
Instagram
CrawlJobs Group
ITFlashcards AllDevBlogs
© 2026 CrawlJobs Ltd. All Rights Reserved
Terms & Conditions Privacy Policy