cover image
YesWeHack

YesWeHack

www.yeswehack.com

1 Job

456 Employees

About the Company

YesWeHack is a leading Bug Bounty and Vulnerability Management Platform. Founded by ethical hackers in 2015, YesWeHack connects organisations worldwide to tens of thousands of ethical hackers, who uncover vulnerabilities in websites, mobile apps, connected devices and digital infrastructure. Bug Bounty programs benefit from in-house triage, personalised support, a customisable model and results-based pricing. Clients include Tencent, Swiss Post, Orange France and the French Ministry of Armed Forces. The YesWeHack platform offers a range of integrated, API-based solutions: Bug Bounty (crowdsourcing vulnerability discovery); Vulnerability Disclosure Policy (creating and managing a secure channel for external vulnerability reporting); Pentest Management (managing pentest reports from all sources); Attack Surface Management (continuously mapping online exposure and detecting attack vectors); and 'Dojo' (ethical hacking training). YesWeHack complies with strict security, financial traceability and privacy requirements. YesWeHack's services are ISO 27001- and ISO 2701-certified and accredited by CREST. YesWeHack's infrastructure uses EU-based, GDPR-compliant private hosting that meets the most stringent standards: ISO 27001, ISO 27017, ISO 27018, ISO 27701 and SOC II Type 2. The YesWeHack platform is also permanently subject to a public Bug Bounty Program. Find out more at www.yeswehack.com

Listed Jobs

Company background Company brand
Company Name
YesWeHack
Job Title
Security Analyst
Job Description
Job title: Security Analyst Role Summary: Validate and analyze vulnerability reports from the ethical hacker community, assess severity using CVSS, reproduce proof‑of‑concept exploits, and communicate findings to clients. Develop internal tools to optimize workflow and maintain continuous improvement. Expactations: * Passion for cybersecurity and deep curiosity about system security. * Active participation in CTFs and info‑sec learning platforms. * Strong teamwork, communication, and adherence to security best practices. Key Responsibilities: - Verify validity of vulnerability reports against program rules. - Reproduce proof‑of‑concept exploits. - Evaluate severity with context‑aware CVSS scoring. - Deliver technical explanations and recommendations to clients. - Engage with the ethical hacker community. - Track vulnerability workflow and coordinate with Customer Success. - Contribute to creation and evolution of internal tools. Required Skills: - Exploitation of OWASP Top 10 / CWE vulnerabilities. - In‑depth knowledge of CVSS metrics (base, temporal, environmental). - Proficiency with Burp Suite interception and replay features. - Fluency in English (reading, writing, speaking). - (Preferred) Ongoing research on CVE, vulnerability exploitation, and security trends. Required Education & Certifications: - Bachelor’s degree in Computer Science, Cybersecurity, or related field (or equivalent professional experience). - Relevant certifications such as CEH, OSCP, or equivalent are preferred.
Rennes, France
Hybrid
30-10-2025