Job description
CloudLinux is a global remote-first company. We are driven by our principles: do the right thing, employees first, we are remote first, and we deliver high volume, low-cost Linux infrastructure and security products that help companies to increase the efficiency of their operations. Every person on our team supports each other and does what we can to ensure we all are successful.
Check out our website for more information https://cloudlinux.com/
We are looking for a talented Security Developer/Researcher to join our ELS team!
Endless Lifecycle Support (ELS) enables organizations to continue securely using Linux distributions and software languages that have reached the end of life or no longer receive standard security support – delivering vulnerability patches for unsupported versions of CentOS, CentOS Stream, Ubuntu, Debian, Oracle Linux, PHP, Python, and Spring software development framework.
For more information, visit our website: https://tuxcare.com/extended-lifecycle-support/
As our Security Developer/Researcher, you’ll be joining a dedicated research team responsible for delivering security patches—an essential part of our service. You’ll play a critical role in analyzing vulnerabilities and threats, backporting patches, and expanding coverage for supported applications and plugins.
You will be responsible for:
- Analyzing new security vulnerabilities in open-source PHP and JavaScript applications and frameworks (e.g., WordPress, Angular, Node.js, Drupal).
- Backporting upstream patches to fix vulnerabilities in earlier versions.
- Designing, building, and deploying new features for our internal tooling to automate workflows.
- Researching new trends in exploitation techniques and malware approaches and developing mitigation strategies.
- Increasing the coverage of supported PHP and JS applications and plugins.
Your work will directly impact the safety and credibility of millions of developers worldwide. That’s why we value attention to detail and a high standard of quality in everything you do.
To be successful, you should have:
- Good knowledge of JavaScript and PHP, or with one of them.
- Experience with a scripting language such as Python.
- 3+ years of relevant experience as a Software Engineer in Test, Security Researcher, or a similar role.
- Hands-on experience in researching vulnerabilities within JavaScript and/or PHP applications.
- Familiarity with Docker and Docker Compose.
- Upper-intermediate or higher level of English.
Nice to have:
- Understanding and knowledge of the security vulnerabilities life cycle is a plus.
- Good Linux knowledge.
What’s in it for you?
- A focus on professional development.
- Interesting and challenging projects.
- Fully remote work with flexible working hours, that allows you to schedule your day and work from any location worldwide.
- Paid 24 days of vacation per year, 10 days of national holidays, and unlimited sick leaves.
- Compensation for private medical insurance.
- Co-working and gym/sports reimbursement.
- Budget for education.
- The opportunity to receive a reward for the most innovative idea that the company can patent.
By applying for this position, you consent to the processing of your personal data as described in our Privacy Policy ( https://cloudlinux.com/candidate-privacy-notice ), which provides detailed information on how we maintain and handle your data.
