Back to Job Board

Remote Security Vulnerability Analyst – Bug Bounty Program & Threat Research (Full‑Time, Work‑From‑Home)

Remote, USA
Posted Jun 15, 2026
Full-time

About arenaflex

arenaflex is a global leader in retail and technology, renowned for its relentless focus on innovation, operational excellence, and a commitment to creating safe, secure digital experiences for millions of customers worldwide. With a heritage that began as a modest storefront and evolved into a Fortune‑1 powerhouse, arenaflex now operates at the intersection of e‑commerce, cloud services, and cutting‑edge security research. Our mission is to protect the trust that customers place in us every day, while fostering a culture where curiosity, collaboration, and continuous learning thrive.

At arenaflex, security is not an afterthought—it is woven into the fabric of every product, service, and transaction. Our dedicated Security Operations and Research teams work hand‑in‑hand with engineers, product managers, and external partners to anticipate threats, discover vulnerabilities, and build resilient defenses. As part of this mission, we are expanding our Bug Bounty and Vulnerability Disclosure Program, and we need a talented Remote Security Vulnerability Analyst to help us stay ahead of attackers.

Role Overview

The Remote Security Vulnerability Analyst will play a pivotal role in shaping arenaflex’s bug bounty and vulnerability disclosure initiatives. Working from the comfort of your home office, you will design, implement, and refine proof‑of‑concept (PoC) exploits, evaluate reported findings, and collaborate with both internal and external security researchers. This position offers a unique blend of technical depth, strategic thinking, and mentorship, allowing you to influence the security posture of a Fortune‑1 organization while advancing your own expertise.

Key Responsibilities

  • Develop, test, and validate advanced proof‑of‑concept exploits for identified security weaknesses across a diverse technology stack, including cloud services, IoT devices, mobile applications, and custom hardware.
  • Conduct thorough triage of vulnerability reports submitted by external researchers, assessing severity, reproducibility, and potential impact on arenaflex’s assets.
  • Execute both automated and manual testing techniques to verify remediation efforts and ensure that fixes address root‑cause issues without introducing regressions.
  • Collaborate closely with product engineering, DevOps, and incident response teams to communicate findings, recommend mitigations, and track remediation progress.
  • Identify recurring patterns and systemic weaknesses in application, architecture, and deployment configurations, and propose strategic improvements to reduce future risk.
  • Maintain and enhance metrics that clearly illustrate the health, growth, and effectiveness of the bug bounty program, presenting insights to senior leadership on a regular cadence.
  • Continuously research emerging attacker tactics, techniques, and procedures (TTPs) to keep arenaflex’s defensive capabilities aligned with the evolving threat landscape.
  • Mentor junior security analysts and serve as a thought leader for the broader security community, sharing best practices, tools, and methodologies.
  • Participate in cross‑functional security initiatives, such as secure software development lifecycle (SSDLC) enhancements, threat modeling workshops, and security awareness campaigns.

Essential Qualifications

  • Minimum 3‑5 years of hands‑on experience in vulnerability research, bug bounty program management, or related security analysis roles.
  • Demonstrated track record of discovering and responsibly disclosing high‑impact vulnerabilities in complex environments (e.g., cloud platforms, IoT ecosystems, mobile ecosystems).
  • Strong proficiency in at least one programming language (e.g., Python, Go, JavaScript) and scripting for exploit development and automation.
  • Deep understanding of modern security concepts, including OWASP Top 10, CWE/SANS Top 25, and common attack vectors such as injection, authentication bypass, and privilege escalation.
  • Experience with security testing tools (e.g., Burp Suite, Metasploit, Nmap, Wireshark) and familiarity with CI/CD pipelines and cloud security controls (AWS, Azure, GCP).
  • Excellent written and verbal communication skills, with the ability to produce clear, concise vulnerability reports and executive‑level summaries.
  • Self‑motivated, detail‑oriented, and capable of thriving in a fully remote work environment while maintaining high productivity and collaboration standards.

Preferred Qualifications

  • Prior experience managing a public or private bug bounty program, including incentive structures, researcher outreach, and program metrics.
  • Relevant certifications such as OSCP, OSCE, CISSP, or GIAC GPEN.
  • Familiarity with secure coding practices and the ability to conduct code reviews for security flaws.
  • Experience with threat intelligence platforms, open‑source intelligence (OSINT) gathering, and adversary emulation frameworks.
  • Background in teaching, public speaking, or community engagement within the security research community.

Core Skills & Competencies

  • Analytical Thinking: Ability to dissect complex systems, identify hidden vulnerabilities, and propose innovative remediation strategies.
  • Collaboration: Strong teamwork skills to work effectively with cross‑functional partners, external researchers, and senior leadership.
  • Adaptability: Comfort navigating rapidly changing technology landscapes and shifting priorities in a fast‑paced environment.
  • Ethical Judgment: Commitment to responsible disclosure practices and maintaining the highest standards of integrity.
  • Continuous Learning: Passion for staying current with emerging threats, new tools, and industry best practices.

Career Development & Learning Opportunities

arenaflex invests heavily in the professional growth of its security talent. As a Remote Security Vulnerability Analyst, you will have access to:

  • Annual security training budgets for conferences, certifications, and specialized courses.
  • Mentorship programs pairing you with senior security architects and industry thought leaders.
  • Opportunities to lead high‑visibility projects, such as the design of new automated testing frameworks or the expansion of our global bug bounty program.
  • Cross‑departmental rotations that allow you to gain exposure to product development, cloud engineering, and risk management.
  • Publication support for research papers, blog posts, and conference talks, showcasing your expertise to the broader security community.

Work Environment & Culture at arenaflex

Our remote‑first philosophy means you can work from anywhere in the United States while staying tightly connected to a vibrant, inclusive team. arenaflex fosters a culture of:

  • Transparency: Open communication channels, regular town‑halls, and clear visibility into company goals.
  • Innovation: Encouragement to experiment, prototype, and challenge the status quo without fear of failure.
  • Diversity & Inclusion: A commitment to building a workforce that reflects the communities we serve, with employee resource groups and inclusive hiring practices.
  • Work‑Life Balance: Flexible schedules, generous paid time off, and wellness programs that support mental and physical health.
  • Collaboration Tools: State‑of‑the‑art video conferencing, shared workspaces, and secure communication platforms to keep remote teams aligned.

Compensation, Benefits & Perks

arenaflex offers a competitive compensation package that reflects the expertise required for this role, including:

  • Hourly rate ranging from $35 to $45, commensurate with experience and demonstrated impact.
  • Performance‑based bonuses tied to the success of the bug bounty program and overall security improvements.
  • Comprehensive health, dental, and vision coverage, with options for dependents.
  • Retirement savings plans with company matching contributions.
  • Technology stipend for home office equipment, high‑speed internet, and ergonomic accessories.
  • Paid parental leave, adoption assistance, and flexible family‑friendly policies.
  • Access to a global employee assistance program, mental‑health resources, and wellness challenges.
  • Opportunities for equity participation, allowing you to share in arenaflex’s long‑term growth.

How to Apply

If you are passionate about uncovering hidden vulnerabilities, mentoring the next generation of security researchers, and shaping the future of a world‑class bug bounty program, we want to hear from you. To apply, please click the link below, submit your updated resume, and include a brief cover letter highlighting a recent vulnerability you discovered and the impact it had.

Apply Now – Join arenaflex’s Remote Security Team!

Join arenaflex and Make an Impact

At arenaflex, your work will directly protect the data and experiences of millions of customers worldwide. By joining our remote security team, you become part of a forward‑thinking organization that values curiosity, integrity, and continuous improvement. Take the next step in your career, work from anywhere, and help us build a safer digital future.

Apply for this job

Apply Now

More Remote Jobs

Senior Manager, Engineering & Operations Excellence – Remote Customer Support Leadership at arenaflex – $25/hr – Full‑Time, Washington, USA
Remote, USA
Full-time
Customer Service Representative – Member & Provider Support for Medicaid & Medicare Programs (Remote/Hybrid) – arenaflex
Remote, USA
Full-time
Remote Data Entry Specialist – Entry-Level E‑Commerce Product Management for arenaflex
Remote, USA
Full-time
Remote Customer Service Representative – Full‑Time Work‑From‑Home Role Supporting Financial Services Cardholder Experience at arenaflex
Remote, USA
Full-time
Remote Customer Service Representative – Healthcare Support Specialist – Full‑Time, Flexible Schedule, Immediate Hire, Work‑From‑Home
Remote, USA
Full-time
Remote Customer Service Representative – Healthcare Support Specialist – Immediate Start, Full‑Time, Flexible Schedule, Work‑From‑Home
Remote, USA
Full-time
Remote Data Entry Specialist – High‑Accuracy Data Management for arenaflex’s Global Aviation Operations
Remote, USA
Full-time
Part‑Time Remote Data Scientist – AI‑Driven Analytics for Streaming & Entertainment Platforms at arenaflex
Remote, USA
Full-time
Part‑Time Remote Data Scientist – AI‑Driven Analytics for Streaming Services at arenaflex
Remote, USA
Full-time
Remote US Call Center Customer Support Agent – Healthcare Provider Inquiries & Claims – arenaflex
Remote, USA
Full-time
Urgently Hiring: Urgently Require Lecturer (Continuing): Physics
Remote, USA
Full-time
Remote USCIS Case Assistant VA
Remote, USA
Full-time
Human Resources Business Partner III
Remote, USA
Full-time
Senior Software Engineer, Windows/Desktop Applications - Tallinn, Estonia
Remote, USA
Full-time
SDR Team Manager
Remote, USA
Full-time
Community Growth Manager (contract)
Remote, USA
Full-time
Out of Network Accounts Receivable Specialist - Remote
Remote, USA
Full-time
Call Center Supervisor-Remote
Remote, USA
Full-time
Experienced Elementary Education Teacher – Virtual Learning Environment Specialist for Grades K-5, Remote Work from Home Opportunity
Remote, USA
Full-time
Kroger – Patient Access Coordinator- Prior Authorizations Experience Required- M-F -WFH – Lake Mary, FL
Remote, USA
Full-time