Changing the world through digital experiences is what Adobe’s all about. We give everyone from emerging artists to global brands everything they need to design and deliver exceptional digital experiences! We’re passionate about empowering people to create beautiful and powerful images, videos, and apps, and transform how companies interact with customers across every screen.
We’re on a mission to hire the very best and are committed to creating exceptional employee experiences where everyone is respected and has access to equal opportunity.
We realize that new ideas can come from everywhere in the organization, and we know the next big idea could be yours!
Do you wake up every morning thinking about cybersecurity? Are you looking for a great opportunity to have an impact across all Adobe products and services then this position is for you!
At Adobe, we recognize that our customers benefit when we take a collaborative approach to vulnerability disclosure. We pride ourselves on the symbiotic relationship we’ve cultivated with the security community and continue to value the contributions that security researchers of all stripes make to hardening our software.
New bug reporting platforms have enabled part-time hobbyists to become full-time freelance security researchers, and Adobe is committed to working collaboratively with an ever-widening pool of security professionals.
The Product Security Incident Response Team (PSIRT) is responsible for Adobe’s vulnerability disclosure program and is the first responder when a security researcher reports a vulnerability finding affecting an Adobe product, online service or web property.
In addition to its role as conduit with external researchers, PSIRT partners with both internal and external stakeholders to ensure vulnerabilities are handled in a manner that minimizes risk to customers and encourages researchers to disclose in a coordinated fashion.
Adobe's PSIRT is seeking a dynamic candidate to contribute to our world-class security organization.
What you’ll do
Validate and assess severity of public and privately disclosed security vulnerabilities
Perform root cause analysis and provide remediation recommendations to engineering teams
Drive security issues to resolution through continuous engagement with stakeholders including engineering, public relations, customers and external security researchers
Investigate and respond to customer security inquiries
Build tools to automate security testing and streamline workflows
Build relationships with security researchers are accurately credited or paid for their responsible disclosures
What you need to succeed
Bachelor’s degree in computer science, engineering or a related field and 1-3 years of practical experience
Knowledge of application security vulnerabilities (OWASP Top 10) and mitigation techniques
Proven ability to grasp and communicate complex technical details
Proficiency using web security testing tools such as Burp
Familiarity with Python (preferred)
Demonstrated to balance multiple tasks, projects and assignments
Dependability : Meets commitments, works independently, accepts accountability, handles change, sets personal standards, stays focused under pressure
Established track record managing vulnerability disclosure programs (i.e. HackerOne) a plus