Desired Skills and Experience

  • Triage and remediate reported security issues
  • Work with Security team members to build and maintain security features
  • Review and deploy features developed by the Foundation and community members
  • Work with other development teams to ensure that they make safe architectural and implementation choices
  • Constantly poke and abuse our software to find bugs before attackers do
  • Two or more years of application security experience, including thorough understanding of issues documented in the OWASP Top Ten and CWE Top 25
  • Strong understanding of modern, object-oriented PHP development
  • Demonstrated ability to exploit and mitigate application-level vulnerabilities
  • Experience conducting software security reviews using a combination of source code inspection, manual testing, and automated scanning
  • Patience in explaining security issues and their implications on privacy to non-technical audiences
  • Sensitivity to the security challenges faced by participants in a large, international project
  • Strong understanding of cryptography as applied to web application security (encryption, hashing, PKI management), including analysis and implementation
  • Strong knowledge of the use of a scripting language for system administration and automation
  • Experience using Linux/Unix at the command line for tasks related to web application development and deployment (“DevOps”)
  • Ability to maintain focus when working remotely
  • Experience as a contributor in the Wikipedia or Wikimedia project communities
  • Experience contributing to a consensus-based open source project
  • Experience developing, maintaining, or administering authentication systems
  • In-depth experience developing or auditing client-side JavaScript
  • Experience with both relational and NoSQL/key-value data storage mechanisms
  • Fully paid medical, dental and vision coverage for employees and their eligible families (yes, fully paid premiums!)
  • The Wellness Program provides reimbursement for mind, body and soul activities such as fitness memberships, babysitting, continuing education and much more
  • The 401(k) retirement plan offers matched contributions at 4% of annual salary
  • Flexible and generous time off - vacation, sick and volunteer days, plus 19 paid holidays - including the last week of the year.
  • Family friendly! 100% paid new parent leave for seven weeks plus an additional five weeks for pregnancy, flexible options to phase back in after leave, fully equipped lactation room.
  • For those emergency moments - long- and short-term disability, life insurance (2x salary) and an employee assistance program
  • Pre-tax savings plans for health care, child care, elder care, public transportation and parking expenses
  • Telecommuting and flexible work schedules available
  • Appropriate fuel for thinking and coding (aka, a pantry full of treats) and monthly massages to help staff relax
  • Great colleagues - diverse staff and contractors speaking dozens of languages from around the world, fantastic intellectual discourse, mission-driven and intensely passionate people
