As a Security Engineer, you will:
- Develop fixes for reported vulnerabilities and known issues.
- Research and identify vulnerabilities in code and mitigate them before they’re discovered.
- Coordinate with other WordPress contributors and security team members to move forward stalled issues.
The Security Engineer position might be a good fit if you:
- Have a deep understanding of WordPress, its file, and database structures.
- Have experience writing and debugging WordPress plugins and themes.
- Have a deep foundation of PHP internals.
- Have a love for securing and protecting websites and applications.
- Understand security threats, vulnerabilities, and common attack vectors such as XSS, SQL injection, session management, and so on, and how to mitigate them.
- Have a deep understanding of HTTP(S) and networking protocols (e.g., TCP/IP).
- You are highly collaborative and love participating in code reviews and discussions about architecture or design.
- You are open and able to travel 3-4 weeks per year to meet your teammates in person.
- Reported vulnerabilities in the past.
- Experience with HackerOne.
- Experience with penetration testing and associated tools.
- Previous experience with malware detection systems.
- Are familiar with large-scale systems.
Speaking of interests and skills, here are some areas in which you can grow and have further impact in the future at the company:
- Leadership – we offer various leadership options to those who have an interest, including becoming a team lead and managing releases.
- Learning and development – we have a generous personal development budget and encourage you to grow your skills through courses, books, and conferences.
- Architecture – we encourage developers to develop expertise in the systems they work with, guide their evolution, and mentor other developers working on them.
- Engineering effectiveness – we believe in helping other developers become more effective through tools, practices, cross-team collaborations, and process improvements.
To apply for this job please visit boards.greenhouse.io.