[Hiring] Security Delivery Project Manager @HackerOne

Sep 24, 2025 - HackerOne is hiring a remote Security Delivery Project Manager. Salary: $111k – $139k • offers equity. Location: USA.

HackerOne is a global leader in offensive security solutions. Our HackerOne Platform combines AI with the ingenuity of the largest community of security researchers to find and fix security, privacy, and AI vulnerabilities across the software development lifecycle. The platform offers bug bounty, vulnerability disclosure, pentesting, AI red teaming, and code security. We are trusted by industry leaders like Amazon, Anthropic, Crypto.com, General Motors, GitHub, Goldman Sachs, Uber, and the U.S. Department of Defense. HackerOne was named a Best Workplace for Innovators by Fast Company in 2023 and a Most Loved Workplace for Young Professionals in 2024.

HackerOne is at a pivotal inflection point in the security industry. Offensive security is no longer optional – it is the standard for forward-thinking companies that want to build trust and resilience in a world where AI-driven innovation and adversaries are moving faster than ever. With the industry shifting, HackerOne stands apart: we combine the ingenuity of the largest security research community with a best-in-class AI-powered platform, trusted by the world’s top organizations.

HackerOne values customer obsession, transparency, and collaboration. We prioritize customer outcomes, operate with transparency and integrity, and aim to win together through empowerment, inclusion, respect, and accountability.

Security Delivery Project Manager

Remote Location: Boston, MA; Austin, TX; or Washington, DC.

In this role, you will be the main point of contact for our largest enterprise Pentest and Time-bound Bug Bounty customers. You will own the entire delivery process from start to finish. Enterprise customers require coordination with multiple teams to manage network access, compliance requirements, and all moving pieces. For bounty programs, you will work with researchers and manage time-bound engagements without bottlenecks. For Pentests, strong project management and relationship-building are required. A Technical Engagement Manager with security expertise will be assigned to each pentest, but you will manage the larger PTaaS program and customer relationships.

We embrace a Flexible Work approach. This is a remote role targeted for candidates within approximately 50 miles of Boston, Austin, or Washington, DC. This balance of proximity and flexibility supports collaboration and in-person moments while preserving remote work benefits.

• Serve as the single point of contact between enterprise customers and technical teams for complex pentests and time-bound bug bounty programs, managing the entire delivery process from start to finish
• Build and manage project timelines for multiple concurrent engagements, coordinating network access setup, compliance requirements, and stakeholder communications across customer IT and security teams
• Translate customer requirements into clear technical specifications for execution teams while keeping all parties updated on progress and proactively addressing potential issues
• Manage time-bound bug bounty program launches, working with researcher communities to ensure quality submissions and coordinate with triage teams for smooth program execution
• Develop and document repeatable processes, create playbooks for similar projects, and use project management tools to automate routine delivery tasks
• Coordinate final report delivery, schedule follow-up testing, and manage customer relationships to drive program expansion and repeat business
• Transform service delivery insights into product development requirements and identify opportunities to improve delivery speed and efficiency
• Win Together, Default to Disclosure, and Customer Obsession will be critical to success in this role, as cross-functional collaboration, clear communication, and focus on value delivery are hard requirements for successful relationships and delivery.

• 3+ years of experience managing client-facing technical projects, preferably in cybersecurity or related technical services
• Demonstrated experience with penetration testing delivery processes and solid understanding of offensive security methodologies and terminology
• Hands-on experience with bug bounty programs, including working with security researcher communities and understanding marketplace dynamics
• Strong project management skills with proven ability to manage multiple concurrent projects using standard PM tools, ticketing systems, and CRMs

• Project management certification such as PMP, CAPM, or CSM demonstrating formal project management expertise
• Background in cybersecurity consulting, managed security services, or similar client-facing technical roles
• Knowledge of compliance frameworks like SOC 2, ISO 27001, and experience with audit processes and regulatory requirements
• High-level familiarity with OWASP Top 10, CWE Top 25, et al, and how the attacks are executed

Compensation Bands: Austin, Boston, DC

$111K – $139K • Offers Equity

#LI-Remote

#LI-HM1

• Health (medical, vision, dental), life, and disability insurance
• Equity stock options
• Retirement plans
• Paid public holidays and unlimited PTO
• Paid maternity and parental leave
• Leaves of absence (including caregiver leave and leave under CO\'s Healthy Families and Workplaces Act)
• Employee Assistance Program
• Flexible Work Stipend

Eligibility notes: Eligibility may differ by country

We are committed to building a global team. For roles outside the United States, U.K., and the Netherlands, we partner with Remote.com as our Employer of Record (EOR).

Visa/work permit sponsorship is not available.

Employment at HackerOne is contingent on a background check.

HackerOne is an Equal Opportunity Employer in the terms and conditions of employment for all employees and job applicants without regard to race, color, religion, sex, sexual orientation, age, gender identity or gender expression, national origin, pregnancy, disability or veteran status, or any other protected characteristic as outlined by law.

This policy applies to all HackerOne employment practices, including hiring, recruiting, promotion, termination, layoff, recall, leave of absence, compensation, benefits, training, and apprenticeship. Hiring decisions are based on qualifications, merit, and business needs.

For US-based roles only: Pursuant to the San Francisco Fair Chance Ordinance, all qualified applicants with arrest and conviction records will be considered for the position.