We are looking for a motivated Threat Analyst who will help us validate new security vulnerabilities and do security testing for PHP-based open-source components. It's a job where you could impact the security of millions of websites.
Patchstack is building a cybercrime resistance with the help of the ethical hacker community. Together we make the open-source web safer for everyone.
Patchstack has a security vulnerability database for CMSs, a SaaS platform to provide real-time protection and a gamified bug hunting platform that covers all open-source components.
We are not looking for staff augmentation, agencies, or freelancers. We're looking for a full-time team member who can grow with the rest of the team.
1) We provide a SaaS solution to detect and vpatch plugin vulnerabilities patchstack.com/solutions/
2) We run a community-driven bug bounty platform (Patchstack Red Team) to nurture a community of independent security researchers behind the WordPress ecosystem.
3) We maintain an open and free WordPress vulnerability database patchstack.com/database/
4) We provide professional code review and security auditing to WordPress plugins
The candidate should have some industry certifications such as OSCP, OSWE, eWPT, etc. The position is full-time, remote (in the EU timezone).
We're looking for a self-disciplined professional with excellent communication skills who is fluent in the English language.
You'll be working in a fast-paced startup environment where everybody is involved in planning the direction and growth of the company.
While we provide a lot of personal freedom, we're looking for a solution-oriented person who is not afraid of challenges and is also happy to work on tasks that might not fall into everyday responsibilities.
To apply to a threat analyst position at Patchstack, please include your contact information, background, and employment history including job titles, starting and ending dates of employment.
If you have any references to your previous work and links to additional information (e.g. LinkedIn, blog, research articles) please add those as well.