Job openings/Software Security Engineer

 YOU ARE ...

... a smart, experienced PHP/MySQL software developer with software security experience. You are passionate about Wikimedia's mission to bring free knowledge to every person on the planet, and you want to make Wikipedia and other Wikimedia-operated websites better.

You enjoy the technical challenges associated with managing databases with millions of records. You can competently optimize database queries, adjust server configuration settings, and develop new features. You understand the importance of testing and documentation, and common pitfalls in developing secure web applications.

You build software correctly, and are good at holding others to your high standards. You understand the principles of open source software development and the importance of community building.

If much or all of this applies to you -- please send us a thoughtful application letter and tell us why you're the right person for the job! :-)

JOB TITLE

Software Security Engineer [CLOSED]

REPORTS TO

Director of Platform Engineering

Job Summary


 * Design and develop new features and enhance existing features of Wikimedia systems, with a particular focus on features requiring expertise in security (such as authentication and other handling of sensitive data).
 * Improve security, efficiency, scalability, stability and maintainability of Wikimedia systems.
 * Conduct security design and code reviews for Wikimedia employees and volunteer developers.
 * Perform software deployments to Wikimedia websites.
 * Collaborate and communicate with all stakeholders on design, development and testing.

Required Qualifications
 * 5+ years of related work experience.
 * 3+ years of experience building web applications.
 * B.S. or M.S. in Computer Science or related field or equivalent experience.
 * Extensive experience building large-scale server applications.
 * Proven track record finding and fixing software vulnerabilities.
 * Expert knowledge developing and debugging in Linux (LAMP) environments.
 * Excellent knowledge of PHP.
 * Excellent knowledge of MySQL and other relational databases.
 * Experience with operating system internals, filesystems, programming language design, compilers, distributed systems, or server architectures.

Additional Qualifications
 * Excellent knowledge of other scripting languages such as bash and Python a plus.
 * Experience working in an open source project.
 * Experience in the Wikipedia community a plus.
 * Experience managing an external security audit a major plus.
 * Experience with static analysis tools such as PHP-sat and PHP_CodeSniffer a major plus
 * Experience with C/C++ debugging using open source tools like gdb and Valgrind a major plus

Please provide URLs to any existing free software work you may have done (your own software or patches to other packages) if possible – we'd love to see what you can do! Let us know why this position interests you.