Contract Security Analyst, Infected Websites

Defiant Inc

Description


Defiant is a small, dynamic, fast-growing, and profitable company with loyal customers who love our products and services. We are the global leader in WordPress security, protecting over 3 million websites.


We're seeking a Security Analyst to work on a contract basis from your home office. We would require you to commit a minimum of 30 hours per week and be available some nights and weekends for on-call rotation. Preference will be given to candidates from Australia, India or New Zealand to fill in the necessary hours. You may be required to help with the pre-service of the customers in addition to your primary role.


Company Culture


You'll work with a talented and highly-motivated team that is friendly, fast-moving, self-managing, and highly capable with a sense of humor. Our team's family time is important; we won't typically require long hours when we can avoid it, which is almost always. Our entire team works remotely using Slack for casual interaction ­so you can live practically anywhere you have a good Internet connection. There's no micro-­management here—we trust that you will see tasks through to completion and communicate with your fellow team members when needed or ask for help when needed.


At Defiant, ‘trust’ is the attribute we value most highly among our team members. We need to know that you can be given a task, follow instructions, communicate clearly with stakeholders and customers, and see the task to completion with superb attention to detail.


We use apps like Slack, FogBugz, GitHub, and Google Apps for our workflow.


Description


We are looking for security analysts to join our forensics team. You will assist our customers to investigate how their site was hacked and to repair their site and remove all traces of the intrusion utilizing our proprietary software.


In addition to this, you will also collect evidence from intrusions that will help improve our threat detection. You will need to determine how the intrusion occurred and then collect all IOC’s (indicators of compromise) and share this data with the customer and our threat intelligence team in a structured way.


The hourly rate is $25.00 - $50.00 US based on experience.


 General requirements:



  • You must be highly technical and be comfortable with a wide range of open source tools and technologies.

  • You must have excellent written and verbal communication skills.

  • You must work well in a team.

  • You must be nimble, be able to come up with creative solutions to challenging problems and must have a mature approach to problem solving.

  • You must have attention to detail.

  • You must able to follow instructions as they are provided to you.

  • Strong proficiency in written and spoken English.


Requirements


The specific skills we require for this position are:



  • 5 years of experience with WordPress required.

  • At least 5 years of experience administering LAMP systems.

  • Ability to program in PHP and JavaScript. Other languages like Python a strong plus.

  • Understanding of SQL and ability to use the MySQL client.

  • Experience investigating hacked websites, determining how the intrusion occurred and removing the intrusion and restoring the site to a fully functional state.

  • An understanding of all major vulnerability types and the ability to explain them to a customer in a way they can understand.

  • Ability to analyze web log files and determine how an intrusion occurred.

  • Must be able to use Linux shell tools like grep, find and any other utility that can assist with investigation and remediation.

  • You must be well versed in information security; penetration testing or forensics certifications you already have are a strong plus.

  • A solid understanding of regular expressions. You need to be able to write expressions on the fly to match and remove only malicious code (which is often polymorphic) without affecting any legitimate code.

  • The ability to complete the necessary reports, scheduling and timesheets as required by the team.


All positions require a trial period of approximately 3 weeks with a minimum commitment of 10 hours per week. You will be paid for this short-term contract, and it will be used to evaluate whether both parties want to pursue an ongoing working relationship.


All offers are contingent on successful completion of a background check. The results of the background check are considered as they relate to the position and do not automatically disqualify someone from a offer of work with the company.


Benefits


Full-time telecommuting with a company that has been 100% remote for over 8 years.


Diversity at Defiant


We value diversity and do not discriminate based on race, color, religion or creed, national origin or ancestry, sex, age, physical or mental disability, military or veteran status, gender identity or expression, marital status, sexual orientation, political ideology, economic status, parental status, or any other non-performance-related status.


HIRING PROCESS


We have a unique process that we use when it comes to hiring our forensic and remediation team. It works as follows:



  1. The initial step is to fill in the form provided in this application. This is very important because we look at your answers to this form before we look at any other part of your application. The way you answer our form will largely determine if your application moves on to the next step.

  2. If approved, you'll be scheduled for a series of audio interviews.

  3. If you are successful, you will join our fast-paced team and start contributing valuable research to Wordfence and the larger online community. All Security Analyst positions start on a paid 3 week trial contract that is available part-time (at least 10 hours per week) with some flexibility in hours.

Apply

👉 Please mention in your application that you found the job on pyremote, this helps us get more companies to post here!

This job is sourced from Stack Overflow Jobs. When clicking on the button to apply above, you will leave pyremote and go to the job application page. pyremote accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.