Product Security Engineer

Description
About the Role
Product Security Engineer to support our Bug Bounty program on a 6-month contract engagement, backfilling a team member on leave. You will be the frontline responder for external vulnerability reports submitted through the program, working closely with internal engineering and security teams to ensure timely, accurate triage and resolution.
Responsibilities
Triage incoming vulnerability reports submitted via the bug bounty platform, assessing validity, impact, and scope.
Assign CVSS scores and severity ratings accurately, following Adobe's internal severity guidelines and industry standards.
Reproduce proof-of-concept (PoC) exploits to validate reported vulnerabilities across web, API, and mobile surfaces.
Communicate clearly and professionally with external researchers: request clarifications, provide status updates, and manage expectations.
Coordinate with product engineering teams to route confirmed vulnerabilities for remediation.
Identify duplicate, out-of-scope, or informational reports and close them with clear, respectful explanations.
Contribute to internal documentation, triage runbooks, and severity calibration guidelines.
Flag systemic or critical findings to Bug Bounty team for escalation as needed.
Required Qualifications
3+ years of experience in application security, penetration testing, or a bug bounty / vulnerability disclosure role.
Strong understanding of CVSS v3.1 scoring and hands-on experience applying it to real-world vulnerabilities.
Proficiency in common web vulnerability classes: XSS, SQL injection, SSRF, IDOR, authentication flaws, and business logic issues.
Ability to reproduce and validate PoC exploits using tools such as Burp Suite, browser DevTools, curl, and custom scripts.
Familiarity with bug bounty platforms (e.g., HackerOne, Bugcrowd) and responsible disclosure processes.
Solid written communication skills - able to write clear, constructive responses to researchers of all skill levels.
Familiarity with attacker techniques used by external researchers against LLM systems and generative AI products.
Knowledge of application security vulnerabilities (OWASP Top 10) and mitigation techniques.
Skills
Application security, cvss, hackerone, owasp 10 frameworks, security testing, ai vulnerabilities, ai expertise, owasp 10 LLM
Top Skills Details
Application security,cvss,hackerone,owasp 10 frameworks,security testing
Additional Skills & Qualifications
Experience with cloud environments (AWS, Azure, GCP) and API security testing.
Hands-on experience in penetration testing of AI/ML and LLM-powered products, including chat interfaces, agentic workflows, and inference APIs.
Prior participation in bug bounty programs as a researcher.
Familiarity with OWASP Top 10, CWE taxonomy, and CVE assignment processes.
Background working within a large enterprise or SaaS security organization.
Job Type & Location
This is a Contract position based out of Lehi, UT.
Pay and Benefits
The pay range for this position is $45.00 - $50.00/hr.
Eligibility requirements apply to some benefits and may depend on your job classification and length of employment. Benefits are subject to change and may be subject to specific elections, plan, or program terms. If eligible, the benefits available for this temporary role may include the following:
• Medical, dental & vision
• Critical Illness, Accident, and Hospital
• 401(k) Retirement Plan - Pre-tax and Roth post-tax contributions available
• Life Insurance (Voluntary Life & AD&D for the employee and dependents)
• Short and long-term disability
• Health Spending Account (HSA)
• Transportation benefits
• Employee Assistance Program
• Time Off/Leave (PTO, Vacation or Sick Leave)
Workplace Type
This is a hybrid position in Lehi,UT.
Application Deadline
This position is anticipated to close on Jun 30, 2026.

About TEKsystems


We're partners in transformation. We help clients activate ideas and solutions to take advantage of a new world of opportunity. We are a team of 80,000 strong, working with over 6,000 clients, including 80% of the Fortune 500, across North America, Europe and Asia. As an industry leader in Full-Stack Technology Services, Talent Services, and real-world application, we work with progressive leaders to drive change. That's the power of true partnership. TEKsystems is an Allegis Group company.


The company is an equal opportunity employer and will consider all applications without regards to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.

About TEKsystems and TEKsystems Global Services


We're a leading provider of business and technology services. We accelerate business transformation for our customers. Our expertise in strategy, design, execution and operations unlocks business value through a range of solutions. We're a team of 80,000 strong, working with over 6,000 customers, including 80% of the Fortune 500 across North America, Europe and Asia, who partner with us for our scale, full-stack capabilities and speed. We're strategic thinkers, hands-on collaborators, helping customers capitalize on change and master the momentum of technology. We're building tomorrow by delivering business outcomes and making positive impacts in our global communities. TEKsystems and TEKsystems Global Services are Allegis Group companies. Learn more at TEKsystems.com.


The company is an equal opportunity employer and will consider all applications without regard to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.


San Francisco Fair Chance Ordinance: Pursuant to the San Francisco Fair Chance Ordinance, for all positions located in the city and county of San Francisco, we will consider for employment qualified applicants with arrest and conviction records.


Massachusetts Lie Detector: It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.


Use of Artificial Intelligence (AI): We may use Artificial Intelligence (AI) to support parts of our hiring process, including sourcing, screening, and evaluating candidates. AI helps assess applications and qualifications, but final decisions are made by our hiring team. By applying, you acknowledge and agree that your application may be reviewed using AI tools.