Wikimedia Foundation
Staff Software Security Engineer (PHP)
Wikimedia Foundation, California, Missouri, United States, 65018
The Wikimedia Foundation is looking for a Staff Security Software Engineer to join the Product Security team to build new security technologies to protect Wikipedia and our other projects. This is a very hands-on engineering role working alongside our other security team members to design and code new features to protect and reassure our users and to ensure the platform remains resilient against attacks.YOU ARE
a smart developer with experience building security features in large-scale systems. You understand the importance of testing and documentation, and common pitfalls in developing secure web applications. You have a passion for the WMF mission. We do (almost) everything publicly and the work we do touches thousands of editors every day.You will be working primarily on our MediaWiki platform which powers Wikipedia. As a top 10 website, we must meet stringent performance standards while addressing new security challenges such as supporting modern authentication technologies, detecting and preventing platform abuse from bots, and planning and rolling out improvements to our security architecture by defending against emerging security threats.You are responsible for:Help design and build MediaWiki security capabilitiesMentor and lead a security development teamReview and deploy security features developed by the Foundation and community membersWork with other development teams to ensure that they make safe architectural and implementation choicesPerform security maintenance and address technical debt in security-critical componentsProvide support for application security incidents and operationsSkills and Experience:+8 years of experience in the software engineering area with a focus on securityAbility to work effectively in a modern, object-oriented PHP code-baseExperience in developing secure software or security-related product featuresA strong interest in working with a talented security team and learning more specialist security skills such as exploiting and mitigating application-level vulnerabilitiesPatience in explaining security issues and their implications on privacy and risk to non-technical audiencesSensitivity to the security challenges faced by participants in a large, international projectExperience using Linux at the command line for tasks related to web application development and deploymentAbility to maintain focus when working remotelyAdditionally, we’d love it if you have:Experience working on anti-abuse mechanisms such as CAPTCHA and bot detectionPrevious experience building security countermeasures against attacks on technologies at the web, backend, and database levelExperience finding and fixing security bugs and reviewing code for security gapsA working knowledge of threat modeling and secure design patternsAbout the Wikimedia Foundation
The Wikimedia Foundation is the nonprofit organization that operates Wikipedia and the other Wikimedia free knowledge projects. Our vision is a world in which every single human can freely share in the sum of all knowledge. We believe that everyone has the potential to contribute something to our shared knowledge, and that everyone should be able to access that knowledge freely.The Wikimedia Foundation is a charitable, not-for-profit organization that relies on donations. We receive donations from millions of individuals around the world, with an average donation of about $15. We also receive donations through institutional grants and gifts. The Wikimedia Foundation is a United States 501(c)(3) tax-exempt organization with offices in San Francisco, California, USA.As an equal opportunity employer, the Wikimedia Foundation values having a diverse workforce and continuously strives to maintain an inclusive and equitable workplace. We encourage people with a diverse range of backgrounds to apply.
#J-18808-Ljbffr
a smart developer with experience building security features in large-scale systems. You understand the importance of testing and documentation, and common pitfalls in developing secure web applications. You have a passion for the WMF mission. We do (almost) everything publicly and the work we do touches thousands of editors every day.You will be working primarily on our MediaWiki platform which powers Wikipedia. As a top 10 website, we must meet stringent performance standards while addressing new security challenges such as supporting modern authentication technologies, detecting and preventing platform abuse from bots, and planning and rolling out improvements to our security architecture by defending against emerging security threats.You are responsible for:Help design and build MediaWiki security capabilitiesMentor and lead a security development teamReview and deploy security features developed by the Foundation and community membersWork with other development teams to ensure that they make safe architectural and implementation choicesPerform security maintenance and address technical debt in security-critical componentsProvide support for application security incidents and operationsSkills and Experience:+8 years of experience in the software engineering area with a focus on securityAbility to work effectively in a modern, object-oriented PHP code-baseExperience in developing secure software or security-related product featuresA strong interest in working with a talented security team and learning more specialist security skills such as exploiting and mitigating application-level vulnerabilitiesPatience in explaining security issues and their implications on privacy and risk to non-technical audiencesSensitivity to the security challenges faced by participants in a large, international projectExperience using Linux at the command line for tasks related to web application development and deploymentAbility to maintain focus when working remotelyAdditionally, we’d love it if you have:Experience working on anti-abuse mechanisms such as CAPTCHA and bot detectionPrevious experience building security countermeasures against attacks on technologies at the web, backend, and database levelExperience finding and fixing security bugs and reviewing code for security gapsA working knowledge of threat modeling and secure design patternsAbout the Wikimedia Foundation
The Wikimedia Foundation is the nonprofit organization that operates Wikipedia and the other Wikimedia free knowledge projects. Our vision is a world in which every single human can freely share in the sum of all knowledge. We believe that everyone has the potential to contribute something to our shared knowledge, and that everyone should be able to access that knowledge freely.The Wikimedia Foundation is a charitable, not-for-profit organization that relies on donations. We receive donations from millions of individuals around the world, with an average donation of about $15. We also receive donations through institutional grants and gifts. The Wikimedia Foundation is a United States 501(c)(3) tax-exempt organization with offices in San Francisco, California, USA.As an equal opportunity employer, the Wikimedia Foundation values having a diverse workforce and continuously strives to maintain an inclusive and equitable workplace. We encourage people with a diverse range of backgrounds to apply.
#J-18808-Ljbffr