If you’re on a team, an individual team member must submit the vulnerability.  For more information, please visit the HackerOne site