Updated: July 28, 2021

Patchstack Is Hiring A Security Researcher

Oliver Sild
from patchstack

Patchstack is hiring a security researcher experienced with web application security and technologies such as PHP, JavaScript, WordPress, Laravel, and knowledge in other content management systems is valuable.

Patchstack is a leading security company providing vulnerability information and virtual patches against security issues found within WordPress, plugins, and themes.

We maintain a free WordPress vulnerability database and focus on building a community of independent security researchers (Patchstack Red Team) behind the WordPress ecosystem.

As a company, we believe in transparency, integrity, community, and put personal growth to a high priority.

Patchstack is a winner of Global InfoSec Awards 2021 in two categories: Open Source Security and Web Application Security for providing "Cutting Edge" solution to the market. We are also one of the three security companies in the WordPress ecosystem that is authorized to assign CVE IDs to WordPress-related vulnerabilities.

What we do:
1) We provide a SaaS solution to detect and vpatch plugin vulnerabilities patchstack.com/features/
2) We run a community-driven bug bounty platform (Patchstack Red Team) to nurture a community of independent security researchers behind the WordPress ecosystem.
3) We maintain an open and free WordPress vulnerability database patchstack.com/database/
4) We provide professional code-review and security auditing to WordPress plugins patchstack.com/security-audits/

Who are we hiring for a security researcher position at Patchstack?

The candidate should have some industry certifications such as OSCP, OSWE, eWPT, etc. The position is full-time, remote (in the EU timezone).

We're looking for a self-disciplined professional with excellent communication skills who is fluent in the English language.

You'll be working in a fast-paced startup environment where everybody is involved in planning the direction and growth of the company.

While we provide a lot of personal freedom, we're looking for a solution-oriented person who is not afraid of challenges and is also happy to work on tasks that might not fall into everyday responsibilities.

Day-to-day tasks include:

  • Threat hunting to find and analyze new vulnerabilities
  • Validating new vulnerabilities reported by our community (Patchstack Red Team)
  • Creating and testing virtual patches for new vulnerabilities
  • Creating original research and writing in-depth articles about new threats and vulnerabilities
  • Conducting pen-testing and code-reviews (PHP based applications)
  • Must be familiar with industry standards like OWASP TOP 10, CVSS

Requirements for the security researcher:

  • Deep personal motivation to make the web a safer place for everyone
  • Deep knowledge about AppSec
  • Previous experience with security testing
  • Fluent English in both speaking and writing
  • Outstanding communication skills
  • Knowledge about WordPress
  • Knowledge about other PHP based content management systems
  • Good understanding of regex

Would be helpful:

  • Previous experience working in a web hosting or web security company
  • Previous experience with analyzing malware from infected websites
  • Previous vulnerability research and findings
  • Previous experience working in a remote team
  • Industry certifications

What we can offer:

  • Work in a quickly growing tech company
  • Highly impactful work
  • No corporate environment
  • Paid training for work-related personal development
  • Paid vacations (35 days a year)
  • Full-time telecommuting in a globally distributed team
  • Co-working space membership or ergonomic desk equipment for home
  • Fitness club or a local gym membership
  • Competitive salary with stock options plan

How to apply?

To apply to a security researcher position at Patchstack, please include your contact information, background, and employment history including job titles, starting and ending dates of employment.

If you have any references to your previous work and links to additional information (e.g. LinkedIn, blog, research articles) please add those as well.

Click here to apply!

Start your 7-day free trial and join 50,000+ other developers
Get Patchstack
Share This Article

Start your free 7-day trial and join 50,000+ other businesses

Get started now