Implement security-sensitive components of the WEBCAT browser extension.
Analyze and provide feedback to draft specifications for code integrity and transparency in the browser context, as well as potentially author or co-author technical proposals.
Work independently and communicate progress in regular check-ins with other FPF engineering staff.
Collaborate with other engineers and researchers at FPF and externally to identify and mitigate security threats.

Requirements

Deep understanding of web application security principles (e.g., XSS attack mitigation) and browser security models (e.g., Same-Origin Policy, Content Security Policy, etc.)
Demonstrated adversarial thinking; prior experience auditing or participating in Capture The Flag (CTF) competitions is a plus.
Hands-on software development expertise.
Experience across the software development life cycle: building, testing, shipping, and releasing code into production.
Comfort working in open source development.

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard skills

web application securityXSS attack mitigationSame-Origin PolicyContent Security Policysoftware developmentsoftware development life cyclebuilding codetesting codeshipping codereleasing code

Soft skills

adversarial thinkingindependent workcommunicationcollaboration