Summary:

The Wikimedia Foundation is looking for a Software Engineer to join the Security team working to help protect Wikipedia and our other projects. You’ll be working with other developers and security engineers to create and maintain security-centric features of our public sites, and to develop tools used by the Security team to aid in finding and fixing security bugs before they’re exploited.

YOU ARE a smart software developer with experience building security features in large scale systems. You understand the importance of testing and documentation, and common pitfalls in developing secure web applications. You must have a passion for the WMF mission. We do (almost) everything publicly, and volunteers can add arbitrary JavaScript to our site. That should both frighten and thrill you.

You will be joining a team responsible for ensuring the security and integrity of applications written in PHP, Python, Ruby, Lua, Perl, JavaScript (Nodejs) among others, using both relational and key-value data storage mechanisms. (Don’t worry, you don’t need to have had experience with all of those technologies.)

As a Software Engineer for the security team, we’d like you to do these things:

• Collaborate with Foundation and community members on creation of software specifications

• Implement and maintain security-centric features (authentication/authorization, encryption, hashing, and PKI management)

• Create tools to automate Security team processes

• Write and apply software patches to remediate reported security issues