Security Analyst for Infected Websites (Australia or New Zealand) - remote
Defiant Inc
Posted 3 years ago
Description
Defiant is a dynamic, fast-growing, and profitable company with loyal customers who love our products and services. We are the global leader in WordPress security, protecting over 4 million websites.
We're seeking a Security Analyst to work on an hourly contract basis from your home office in Australia or New Zealand from approximately 9-5 AEST Monday through Friday, with 100% availability during that time.
The contract rate for this role is $45 - $50 AUD per hour, depending on experience.
Company Culture
You'll work with a talented and highly-motivated team that is friendly, fast-moving, self-managing, and highly capable with a sense of humor. Our team's family time is important;we won't typically require long hours when we can avoid it, which is almost always. Our entire team works remotely using Slack for interaction, so you can live practically anywhere you have a good Internet connection. There's no micro-management here—we trust that you will see tasks through to completion and communicate with your fellow team members when needed or ask for help when needed.
At Defiant, ‘trust’ is the attribute we value most highly among our team members. We need to know that you can grab a task, communicate clearly with stakeholders, and see the task to completion with superb attention to detail.
We use apps like Slack, FogBugz, GitHub, and Google Apps for our workflow.
Job Description
We are looking for Security Analysts to join our Care and Response team. You will assist our customers with support questions related to our product and investigate site intrusions;as well as repair their site and remove all traces of compromise. In addition to this you will also collect evidence from intrusions that will help improve our threat detection. You will need to determine how the intrusion occurred and then collect all IOC’s (indicators of compromise) and share this data with our product team in a structured way.
General requirements:
- You must be highly technical and be comfortable with a wide range of open source tools.
- Excellent written and verbal communication skills.
- Ability to interact with customers on a professional level.
- You must work well in a team as well as being able to work independently without additional guidance.
- You must be nimble, be able to think outside-the-box and be able to come up with creative solutions to challenging problems and must have a mature approach to problem solving.
- Attention to detail.
Requirements
The specific skills we require for this position are:
- A solid understanding of regular expressions. You need to be able to write expressions on the fly to match and remove only malicious code (which is often polymorphic) without affecting any legitimate code and to write signatures for our customers.
- At least 5 years of experience administering multiple Linux Stacks (We don't support Windows).
- Ability to write and read PHP, regular expressions, cron jobs and JavaScript. Other languages like Python a strong plus.
- 5+ years with MySQL.
- At least 2+ years of experience investigating hacked websites analysis of how the intrusion occurred and removing the intrusion vector and restoring the site to a fully functional state.
- An understanding of all major vulnerability types and the ability to explain them to a customer in terms they can understand.
- Ability to analyze log files and determine how an intrusion occurred.
- Must be able to use shell tools like grep, find and any other utility that can assist with investigation and remediation.
- 3+ years of experience with WordPress required.
- You must be well versed in information and cyber security and any certifications you already have in penetration testing or forensics are a strong plus.
All positions require a trial period of approximately 2-3 weeks with a minimum commitment of 10 hours per week. You will be paid for this short-term contract, and it will be used to evaluate whether both parties want to pursue an ongoing working relationship.
All offers are contingent on successful completion of a background check. The results of the background check are considered as they relate to the position and do not automatically disqualify someone from a offer of work with the company.
Benefits
Full-time telecommuting with a company that has been 100% remote for over 8 years.
Diversity at Defiant
We value diversity and do not discriminate based on race, color, religion or creed, national origin or ancestry, sex, age, physical or mental disability, military or veteran status, gender identity or expression, marital status, sexual orientation, political ideology, economic status, parental status, or any other non-performance-related status.