CloudLinux is a global remote-first company. We are driven by our principles: do the right thing, employees first, we are remote first, and we deliver high volume, low-cost Linux infrastructure and security products that help companies to increase the efficiency of their operations. Every person on our team supports each other and does what we can to ensure we all are successful.

Check out our website for more information https://cloudlinux.com/

We are looking for a talented Security Developer/Researcher to join our ELS team!

Endless Lifecycle Support (ELS) enables organizations to continue securely using Linux distributions and software languages that have reached the end of life or no longer receive standard security support - delivering vulnerability patches for unsupported versions of CentOS, CentOS Stream, Ubuntu, Debian, Oracle Linux, PHP, Python, and Spring software development framework.

For more information, visit our website: https://tuxcare.com/extended-lifecycle-support/

As our Security Developer/Researcher, you'll be joining a dedicated research team responsible for delivering security patches—an essential part of our service. You'll play a critical role in analyzing vulnerabilities and threats, backporting patches, and expanding coverage for supported applications and plugins.

You will be responsible for:

Analyzing new security vulnerabilities in open-source PHP and JavaScript applications and frameworks (e.g., WordPress, Angular, Node.js, Drupal).
Backporting upstream patches to fix vulnerabilities in earlier versions
Designing, building, and deploying new features for our internal tooling to automate workflows
Researching new trends in exploitation techniques and malware approaches and developing mitigation strategies
Increasing the coverage of supported PHP and JS applications and plugins

Your work will directly impact the safety and credibility of millions of developers worldwide. That's why we value attention to detail and a high standard of quality in everything you do.

Requirements

To be successful, you should have:

Good knowledge of JavaScript and PHP, or with one of them
Experience with a scripting language such as Python
3+ years of relevant experience as a Software Engineer in Test, Security Researcher, or a similar role
Hands-on experience in researching vulnerabilities within JavaScript and/or PHP applications
Familiarity with Docker and Docker Compose.
Upper-intermediate or higher level of English

Nice to have:

Understanding and knowledge of the security vulnerabilities life cycle is a plus
Good Linux knowledge

Benefits

What's in it for you?

A focus on professional development
Interesting and challenging projects
Fully remote work with flexible working hours, that allows you to schedule your day and work from any location worldwide
Paid 24 days of vacation per year, 10 days of national holidays, and unlimited sick leaves
Compensation for private medical insurance
Co-working and gym/sports reimbursement
Budget for education
The opportunity to receive a reward for the most innovative idea that the company can patent

By applying for this position, you consent to the processing of your personal data as described in our Privacy Policy (https://cloudlinux.com/candidate-privacy-notice), which provides detailed information on how we maintain and handle your data.