Backend Developer, WordPress & PHP
Evertech
AWSCloudFirebaseJavaScriptMySQLPHPVue.jsWordPress
Security Analyst, Infected Websites
Defiant
contract
Posted on:
Origin: • 🇺🇸 United States
Visit company websiteSalary
💰 $25 - $30 per hour
Job Level
JuniorMid-Level
Tech Stack
JavaScriptLinuxMySQLOpen SourcePHPWordPress
About the role
- Assist customers with support questions related to our product and investigate site intrusions.
- Repair infected sites and remove all traces of compromise; determine how the intrusion occurred and remove the intrusion vector.
- Collect and process evidence from intrusions and collect all IOCs (indicators of compromise).
- Work with Threat Intelligence team on vulnerability research and malware signature development.
- Triage and validate vulnerability reports submitted through the Bug Bounty Program: assess impact, reproduce and analyze vulnerabilities in controlled environments, and identify root causes in source code.
- Document findings, recommend fixes or custom firewall rules, and propose bounty amounts based on severity and impact.
- Collaborate with developers, customer support, and disclosure teams; validate that patches are sufficient once released.
- Use tools and workflows including Slack, FogBugz, GitHub, and Google Apps.
Requirements
- 3+ years of experience with WordPress required.
- Technical experience with common web application based vulnerabilities in WordPress plugins and themes.
- A solid understanding of WordPress hooks, how they are used, and how they can lead to vulnerabilities.
- 5+ years of experience administering multiple Linux stacks (We don't support Windows).
- 5+ years of experience with MySQL.
- 2+ years of experience conducting remediation of compromised websites, including analysis of how the intrusion occurred, removing the intrusion vector, and restoring the site to a fully functional state.
- Highly technical and comfortable with a wide range of open source tools such as grep, find, etc.
- Excellent written and verbal communication skills; ability to interact with customers professionally.
- Work well in a team and work independently without additional guidance.
- Excellent analytical ability, ability to think outside of the box, and an eagerness to learn.
- Must have attention to detail.
- Experience in vulnerability research is a plus: ability to develop proof of concepts programmatically or conceptually; ability to replicate exploitability in a test environment; ability to review source code changes to determine if a vulnerability was patched; experience generating/modifying HTTP requests; experience working with BURP suite or similar proxy software and a PHP debugger.
- A solid understanding of regular expressions; must be able to write expressions on the fly to match and remove only malicious code and to write malware signatures for our products.
- Ability to write and read PHP, regular expressions, cron jobs, and JavaScript.
- Understanding of all major vulnerability types and the ability to explain them to a customer in terms they can understand.
- Ability to analyze log files and determine how an intrusion occurred.
- Certifications in penetration testing or forensics are a strong plus.
Similar jobs on JobTailor
Customer Support Engineer I
Fivetran
JavaLinuxMySQLNoSQLOraclePostgresSQLTCP/IPUnix
Ecosystem Engineering and Operations Lead
The Linux Foundation
LinuxOpen Source
Guidewire ClaimCenter Developer
AAA
ApacheGuidewireJavaJavaScriptNode.jsReactSOAPSQL
Splunk Administrator
Falconwood, Incorporated
AWSCloudCyber SecurityLinuxNFSPerlPythonSplunkTCP/IP