Website Security Analyst – WordPress (Contract, Remote)

Website Defiant, Inc.

The global leader in WordPress security.

Company: Defiant, Inc. (Makers of Wordfence)
Location: Remote (Globally, with strict Eastern Time shift requirements)
Also See: Area Manager, Asset Protection

Defend the Web: Join the Global Leader in WordPress Security

Defiant, Inc. is the dynamic, fast-growing, and profitable company behind Wordfence, the global leader in WordPress security protecting over 5 million websites. We are a 100% remote team of talented, self-managing experts with a great sense of humor, dedicated to providing products and services our customers love.

We are seeking highly technical and detail-oriented Website Security Analysts to join our Care and Response Team on an hourly contract basis. In this frontline role, you will be the expert who investigates, remediates, and fortifies compromised websites, turning critical incidents into learning opportunities that improve security for millions. If you are a WordPress guru with a hacker’s mindset for investigation and a builder’s skill for repair, this is your chance to work with the best in the industry.

Your Mission: Investigate, Remediate, and Strengthen WordPress Security

You will be the first line of defense for our customers, handling live intrusions, conducting forensic analysis, and contributing directly to our threat intelligence. During quieter periods, you will validate critical vulnerabilities from our Bug Bounty Program.

Key Responsibilities:

  • Take ownership of customer site intrusions. Conduct forensic analysis to determine the attack vector, collect Indicators of Compromise (IOCs), completely remove malware, and restore sites to full functionality.

  • Process evidence from intrusions to help our Threat Intelligence team develop new malware signatures, firewall rules, and vulnerability research.

  • Validate, reproduce, and analyze vulnerability reports. Assess impact, identify root causes in source code, document findings, and recommend fixes or custom rules.

  • Analyze server log files, write and interpret PHP, JavaScript, and regular expressions to surgically remove polymorphic malware. Explain complex security issues to customers clearly and professionally.

Who You Are (The Ideal Candidate):

  • A WordPress security expert with 3+ years of deep hands-on experience with the WordPress core, plugins, themes, and hooks.

  • Has 2+ years of direct experience conducting full remediation of compromised websites, from analysis to restoration.

  • Technically proficient with Linux stacks, MySQL, and open-source CLI tools (grep, find, etc.).

  • Possesses a solid understanding of common web vulnerabilities (XSS, SQLi, CSRF, etc.) and the ability to write and interpret regular expressions on the fly.

  • Has experience with tools like Burp Suite, PHP debuggers, and analyzing HTTP requests.

  • An excellent written and verbal communicator in English who can interact professionally with customers and team members.

  • Able to work 100% independently during a set shift with superb attention to detail. Trust and autonomy are our core values.

  • Vulnerability research experience (developing PoCs, reviewing patches) is a strong plus.

Shift Availability & Compensation:

  • Choose Your Shift: Weekdays (Mon-Fri, 9 AM – 5 PM ET) or Weekends (Sat-Sun, 11 AM – 7 PM ET). You must have 100% availability during your chosen shift.

  • Contract Rate: $35+ USD per hour, depending on experience.

  • Location: Fully remote. Candidates in time zones aligning with ET business hours are encouraged to apply (you do not need to be in the USA).

Why Contract with Defiant?

  • Join the acknowledged global leader in your field and learn from an elite, motivated team.

  • Be part of a company that has been successfully remote for over 8 years. We value trust, avoid micromanagement, and respect your family time.

  • Your work directly protects customers and improves security for millions of sites worldwide.

  • A clear process includes a paid 2-3 week trial contract (min. 10 hrs/week) to ensure mutual fit before a longer-term engagement.

Our Hiring Process:

  1. Initial Application Review

  2. Detailed Technical Assessment

  3. Remote Interviews (2-3 rounds)

  4. Paid Trial Contract

  5. Ongoing Contract Offer

Ready to Become a WordPress Security Guardian?

If you have the technical depth, investigative passion, and communication skills to excel in this critical role, we want to hear from you.

Apply for the Website Security Analyst Position:
https://apply.workable.com/defiant/j/9EC7611BF2/

Defiant values diversity and is an equal opportunity employer.

Tagged as: Incident Response, Malware Removal, Remote Security Jobs, Security Contractor, Vulnerability Research, Website Security, WordPress Hacking, WordPress Security Analyst

Scroll to Top