Security Delivery Project Manager

HackerOne is a global leader in offensive security solutions. Our HackerOne Platform combines AI with the ingenuity of the largest community of security researchers to find and fix security, privacy, and AI vulnerabilities across the software development lifecycle. The platform offers bug bounty, vulnerability disclosure, pentesting, AI red teaming, and code security. We are trusted by industry leaders like Amazon, Anthropic, Crypto.com, General Motors, GitHub, Goldman Sachs, Uber, and the U.S. Department of Defense. HackerOne was named a Best Workplace for Innovators by Fast Company in 2023 and a Most Loved Workplace for Young Professionals in 2024.

HackerOne is at a pivotal inflection point in the security industry. Offensive security is no longer optional – it is the standard for forward-thinking companies that want to build trust and resilience in a world where AI-driven innovation and adversaries are moving faster than ever. With the industry shifting, HackerOne stands apart: we combine the ingenuity of the largest security research community with a best-in-class AI-powered platform, trusted by the world’s top organizations.

HackerOne Values

HackerOne is dedicated to fostering a strong and inclusive culture. HackerOne is Customer Obsessed and prioritizes customer outcomes in our decisions and actions. We Default to Disclosure by operating with transparency and integrity, ensuring trust and accountability. Employees, researchers, customers, and partners Win Together by fostering empowerment, inclusion, respect, and accountability.

Security Delivery Project Manager

Remote Location: Boston, MA; Austin, TX; or Washington, DC

Position Summary

In this role, you will be the main point of contact for our largest enterprise Pentest and Time-bound Bug Bounty customers. These complex projects need dedicated project management; you’ll be owning the entire delivery process from start to finish.

Our enterprise customers require coordination with multiple teams - to get network access sorted out, handle compliance requirements, and manage all the moving pieces. For bounty programs, we need someone with marketplace experience who can work with researchers and manage time-bound engagements without creating bottlenecks. For Pentests, strength in project management and relationship building will be a requirement for success. There will always be a Technical Engagement Manager with security expertise assigned to each pentest, but you’ll be managing the larger PTaaS program and customer relationships.

At HackerOne, we embrace a Flexible Work approach that gives us the freedom to do our best work while also fostering the connections and community that make us stronger. Reflecting this philosophy, this is a remote role targeted for candidates within ~50 miles of Boston, MA; Austin, TX; or Washington, DC. We believe this balance of proximity and flexibility gives Hackeronies the chance to occasionally come together – fostering collaboration, connection, and in-person moments that enrich our culture – while still preserving the benefits of remote work.

What You Will Do

• Serve as the single point of contact between enterprise customers and technical teams for complex pentests and time-bound bug bounty programs, managing the entire delivery process from start to finish

• Build and manage project timelines for multiple concurrent engagements, coordinating network access setup, compliance requirements, and stakeholder communications across customer IT and security teams

• Translate customer requirements into clear technical specifications for execution teams while keeping all parties updated on progress and proactively addressing potential issues

• Manage time-bound bug bounty program launches, working with researcher communities to ensure quality submissions and coordinate with triage teams for smooth program execution

• Develop and document repeatable processes, create playbooks for similar projects, and use project management tools to automate routine delivery tasks

• Coordinate final report delivery, schedule follow-up testing, and manage customer relationships to drive program expansion and repeat business

• Transform service delivery insights into product development requirements and identify opportunities to improve delivery speed and efficiency

• Win Together /Default to Disclosure/Customer Obsession will be critical to success in this role, as cross-functional collaboration, clear communication, and focus on value delivery are hard requirements for successful relationships and delivery.

Minimum Qualifications  

• 3+ years of experience managing client-facing technical projects, preferably in cybersecurity or related technical services

• Demonstrated experience with penetration testing delivery processes and solid understanding of offensive security methodologies and terminology

• Hands-on experience with bug bounty programs, including working with security researcher communities and understanding marketplace dynamics

• Strong project management skills with proven ability to manage multiple concurrent projects using standard PM tools, ticketing systems, and CRMs.

Preferred Qualifications

• Project management certification such as PMP, CAPM, or CSM demonstrating formal project management expertise

• Background in cybersecurity consulting, managed security services, or similar client-facing technical roles

• Knowledge of compliance frameworks like SOC 2, ISO 27001, and experience with audit processes and regulatory requirements

• High-level familiarity with OWASP Top 10, CWE Top 25, et al, and how the attacks are executed.

Compensation Bands:
Austin, Boston, DC

$111K – $139K • Offers Equity

#LI-Remote

#LI-HM1

Job Benefits:

• Health (medical, vision, dental), life, and disability insurance*

• Equity stock options

• Retirement plans

• Paid public holidays and unlimited PTO

• Paid maternity and parental leave

• Leaves of absence (including caregiver leave and leave under CO's Healthy Families and Workplaces Act)

• Employee Assistance Program

• Flexible Work Stipend

*Eligibility may differ by country

We're committed to building a global team! For certain roles outside the United States, U.K., and the Netherlands, we partner with Remote.com as our Employer of Record (EOR).

Visa/work permit sponsorship is not available.

Employment at HackerOne is contingent on a background check.

HackerOne is an Equal Opportunity Employer in the terms and conditions of employment for all employees and job applicants without regard to race, color, religion, sex, sexual orientation, age, gender identity or gender expression, national origin, pregnancy, disability or veteran status, or any other protected characteristic as outlined by international, federal, state, or local laws.

This policy applies to all HackerOne employment practices, including hiring, recruiting, promotion, termination, layoff, recall, leave of absence, compensation, benefits, training, and apprenticeship. HackerOne makes hiring decisions based solely on qualifications, merit, and business needs at the time.

For US based roles only: Pursuant to the San Francisco Fair Chance Ordinance, all qualified applicants with arrest and conviction records will be considered for the position.