Website Automattic

As a Security Engineer, you will:

Develop fixes for reported vulnerabilities and known issues.
Research and identify vulnerabilities in code and mitigate them before they’re discovered.
Coordinate with other WordPress contributors and security team members to move forward stalled issues.

The Security Engineer position might be a good fit if you:

Have a deep understanding of WordPress, its file, and database structures.
Have experience writing and debugging WordPress plugins and themes.
Have a deep foundation of PHP internals.
Have experience in JavaScript APIs and React.
Have a love for securing and protecting websites and applications.
Understand security threats, vulnerabilities, and common attack vectors such as XSS, SQL injection, session management, and so on, and how to mitigate them.
Have a deep understanding of HTTP(S) and networking protocols (e.g., TCP/IP).
You are highly collaborative and love participating in code reviews and discussions about architecture or design.
You are open and able to travel 3-4 weeks per year to meet your teammates in person.

Leadership – we offer various leadership options to those who have an interest, including becoming a team lead and managing releases.
Learning and development – we have a generous personal development budget and encourage you to grow your skills through courses, books, and conferences.
Architecture – we encourage developers to develop expertise in the systems they work with, guide their evolution, and mentor other developers working on them.
Engineering effectiveness – we believe in helping other developers become more effective through tools, practices, cross-team collaborations, and process improvements.

To apply for this job please visit boards.greenhouse.io.