Senior Security Engineer – Node.js Proactive Defense

🕒 vor 23 Tagen

Jetzt Bewerben

Ähnliche Remote-Jobs finden

E-Mails für Remote-Jobs erhalten

📊 Überprüfen Sie Ihre Lebenslauf-Bewertung für diese Stelle

Verbessern Sie Ihre Chancen auf ein Vorstellungsgespräch, indem Sie Ihre Lebenslauf-Bewertung vor der Bewerbung überprüfen.

Lebenslauf hochladen

CloudLinux

WebsiteLinkedInAlle Stellen

51 - 200 Mitarbeiter

Gegründet 2009

☁️ SaaS

🔐 Sicherheit

🌐 Web 3

SaaS • Security • Web 3

CloudLinux ist ein führender Anbieter von Betriebssystemen, die speziell für Webhosting-Umgebungen entwickelt wurden. Das Unternehmen bietet eine Produktlinie, darunter CloudLinux OS Legacy, CloudLinux OS Shared Pro und CloudLinux OS Solo – jeweils darauf ausgelegt, die Serverstabilität, Sicherheit und Performance zu verbessern. Mit Funktionen wie Kernel-Live-Patching, fortschrittlichen Automatisierungs- und Monitoring-Tools sowie spezialisierter WordPress-Optimierung unterstützt CloudLinux Hosting-Unternehmen dabei, Sicherheit und Profitabilität zu maximieren und gleichzeitig stabile Serverumgebungen sicherzustellen. Mehr als 4. 000 Unternehmen vertrauen auf CloudLinux, um weltweit Millionen von Websites zu betreiben und von erhöhter Stabilität sowie geringeren Abwanderungsraten zu profitieren. Das Unternehmen legt großen Wert auf Kompatibilität mit führenden Hosting-Control-Panels und CentOS und bietet Lösungen für Shared-Hosting-Anbieter, Agenturen und kleine Unternehmen.

Beschreibung

• Design and ship a Node.js runtime agent that hooks into the V8/Node lifecycle to trace and block malicious behavior patterns (child_process spawn chains, eval / Function constructors, prototype pollution exploitation, unsafe deserialization, SSRF, path traversal, fs writes to sensitive locations, malicious require() / dynamic import chains, supply-chain poisoning at load time). • Define the detection model: which behaviors are policy-blockable by default, which are signal-only, and how rules are authored, distributed, and versioned alongside our existing Proactive Defense rule pipeline. • Integrate the agent with the rest of the on-host Imunify security stack so that Node.js detections, blocks, and incidents flow into the same telemetry pipeline, the same backend event store, and the same admin UI as our other layers (WAF, host-IDS, brute-force protection, malware scanner, patch management). This ships as a first-class layer of Imunify360, not a standalone tool. • Make it production-safe on shared hosting: low overhead, tenant-isolated, compatible with CageFS / LVE, and resilient to hostile tenants who will try to disable or evade the agent. • Build the pipeline that turns CVE write-ups and threat-intel feeds into shipped detections. The system — not a human — ingests advisories, extracts the exploit primitive, generates and tests rule candidates against a corpus, and rolls them out with the right signal-only / blocking posture. • Own the closed feedback loop from production blocks (true positives, false positives, evasions) back into the next generation of rules.

🎯 Anforderungen

• **Must have:** • - **Security engineer mindset:** thinks in attack surfaces, exploit primitives, and defense-in-depth - not just in OWASP checklists. Can read a CVE writeup and reconstruct the primitive, not just the patch. • - **Runtime/exploitation knowledge across languages:** prototype pollution, deserialization, command injection, SSRF, path traversal, supply-chain poisoning - knows why these primitives exist, not just that they have names. • - **Systems-level development:** Linux daemons, systemd, privileged processes, IPC, namespaces/cgroups, file-descriptor and signal hygiene. • - **Low-level / instrumentation instinct:** has hooked, traced, or intercepted something in production - LD_PRELOAD, eBPF, ptrace, JVM agents, Python sys.settrace, language-runtime preload, kernel modules. The specific tech doesn't matter; the instinct does. • **Nice to have:** • - Shared-hosting / multi-tenant Linux experience: LVE, CageFS, control-panel ecosystems, or analogous tenant-isolation work. • - Comfort working from a CVEs and threat-intel feed as primary product input.

🏖️ Vorteile

• A focus on professional development. • Interesting and challenging projects. • Fully remote work with flexible working hours, that allows you to schedule your day and work from any location worldwide. • Paid 24 days of vacation per year, 10 days of national holidays, and unlimited sick leaves. • Compensation for private medical insurance. • Co-working and gym/sports reimbursement. • Budget for education. • The opportunity to receive a reward for the most innovative idea that the company can patent.