top of page
  • LinkedIn
  • X
At Luta Security, we seek to build a safer, more efficient, and equitable future for all. If you’re looking to join a purpose-driven, nimble team that is both fast-paced and respectful of your time, we’d love to hear from you. 
 

Careers

We connect people, processes, and technology, guided by our core values of respect, accountability, and pay equity.

GUIDED BY OUR CORE VALUES

  • Luta Security has an exciting opportunity for an experienced Lead Security Triage Manager. This Full-Time position begins as an 8–12-week contract role to ensure mutual fit. The ideal candidate will have experience running bug bounty programs and can perform hands-on technical repro for vulnerability reports. They should be comfortable communicating with security researchers and making judgment calls on severity in the context of security impact. They must also be self-directed after learning customer preferences and capable of providing clear, regular updates to Luta Security’s customers.
     
    They will provide vulnerability assessment support, focused on performing technical validation on incoming vulnerability disclosure or bug bounty cases. Additional responsibilities include performing research and analyzing current threats and vulnerabilities that may affect the enterprise, writing and clarifying steps to reproduce security bugs, technically validating fixes, and participating in performing focused adversarial assessments. 
     ​
    RESPONSIBILITIES

    • Own the bug bounty programs of some of the biggest companies in the world

    • Lead a team of contractors performing triage and case management

    • Provide weekly updates to Luta Security customers

    • Calculate bug bounty metrics weekly, monthly, and quarterly

    • Own the end-to-end case resolution of incoming security reports, including any additional investigation

    • Perform research on current threats and vulnerabilities

    • Author security advisories or summaries

    • Conduct vulnerability assessments of IT systems

    • Other duties as assigned


    QUALIFICATIONS & SKILLS

    Required: 

    • Prior experience running a bug bounty program

    • Penetration testing skills

    • Written and verbal communication skills with an emphasis on explaining security details and impact to developers and other technical personnel who may lack a security background

    • A nuanced understanding of Vulnerability Coordination and Disclosure

    • Basic familiarity with ISO 29147 and 30111 

    • Demonstrated Experience with vulnerability assessment, including expert

    Experience in at least two of the following areas:

    • Vulnerability Assessment

    • Intrusion Prevention and Detection

    • Access Control and Authorization

    • Policy Enforcement

    • Application Security

    • Protocol Analysis

    • Firewall Management

    • Incident Response

    • Encryption

    • Web filtering

    • Advanced Threat Protection

    OUR COMMITMENT TO YOU

    Pay Range & Benefits

    • Remote workforce - Only within the U.S. (for now) 

    • Contract pay range: $50-$100 USD/hour.

    • All contracts begin at $50/hour while in training before case responsibilities are assigned.

    • $90-$100 USD/hour is the contract pay range once case management duties are assigned and the contractor can act more autonomously after training and onboarding are complete.

    • FTE salary range $100,000 - $175,000 USD/yr

    • Total FTE PTO is a minimum of 79 days/year via 11 federal holidays, 52 Fridays,

    • 16 other vacation days as follows:​

    • FTE PTO All Federal and State holidays (11 federal)

    • FTE PTO 2 weeks in summer & 2 weeks in winter (M-Thur x 4 = 16 days)

    • FTE 4 Day, 32-hour work week (Monday - Thursday), paid time off each Friday (52 days)

    • FTE healthcare stipend to cover 100% of monthly health insurance premium

    • Growth opportunities in a dynamic environment

  • Luta Security has an exciting opportunity for Security Program Managers. This contract position will provide vulnerability coordination support, focused on managing incoming vulnerability disclosure and bug bounty submissions from beginning to end with all associated internal and external teams. Additional responsibilities include documentation of Standard Operating Procedures (SOPs).
     
    This is a contract role with up to 10 hours per week to start. There is a possibility of a full-time contract role or full-time employment in the future.

    RESPONSIBILITIES

    • Owning end-to-end case management of incoming security reports

    • Standard Operating Procedure (SOP) documentation

    • Other duties as assigned

    QUALIFICATIONS & SKILLS

    Required:

    • At least 3 years of program management experience (security PM experience preferred, but technology or IT program managers will also be considered)

    • Firm understanding of Vulnerability Coordination and Disclosure

    • Familiarity with ISO 29147 and 30111 

    • Demonstrated Experience with vulnerability assessment, including expert experience in at least two of the following areas:

      • Vulnerability Assessment

      • Intrusion Prevention and Detection

      • Access Control and Authorization

      • Policy Enforcement

      • Application Security

      • Protocol Analysis

      • Firewall Management

      • Incident Response

      • Encryption

      • Web filtering

      • Advanced Threat Protection

  • Luta Security has an exciting opportunity for Security Triage Managers. This contract position will provide vulnerability assessment support, focused on performing technical validation on incoming vulnerability disclosure or bug bounty cases. Additional responsibilities include performing research and analyzing current threats and vulnerabilities that may affect the enterprise, writing and clarifying steps to reproduce security bugs, technically validating fixes, and participating in performing focused adversarial assessments. 
     
    This is a contract role with up to 10 hours per week to start. There is a possibility of a full-time contract role or full-time employment in the future.

    RESPONSIBILITIES

    • Owning end-to-end case resolution of incoming security reports, including any additional investigation

    • Perform research on current threats and vulnerabilities

    • Author security advisories

    • Manage enterprise vulnerability compliance

    • Conduct vulnerability assessments of IT systems

    • Other duties as assigned


    QUALIFICATIONS & SKILLS
    Required

    • Penetration testing skills

    • Written and verbal communication skills with an emphasis on explaining security details and impact to developers and other technical personnel who may lack a security background

    • Basic understanding of Vulnerability Coordination and Disclosure

    • Basic familiarity with ISO 29147 and 30111 

    • Demonstrated Experience with vulnerability assessment, including expert experience in at least two of the following areas:

      • Vulnerability Assessment

      • Intrusion Prevention and Detection

      • Access Control and Authorization

      • Policy Enforcement

      • Application Security

      • Protocol Analysis

      • Firewall Management

      • Incident Response

      • Encryption

      • Web filtering

      • Advanced Threat Protection

We are looking for both contractors and contract-to-perm full-time employees.  

Open Positions