Security Software Developer (Contract RFP)
About The Position
Freedom of the Press Foundation (FPF) is seeking a contract security software developer for a six-month engagement (approximately 30 hours per week), with the possibility of renewal. This role will contribute to the development of the WEBCAT browser extension, a security-focused tool to provide code integrity in the browser environment . This role involves a mix of hands-on implementation and applied security research, including engagement with emerging standards and proposals related to web integrity. This role is fully remote. Candidates may be in any time zone, but we prefer availability for communication during afternoon work hours (1-6 p.m. U.S. Eastern time).
Requirements
- Deep understanding of web application security principles (e.g., XSS attack mitigation) and browser security models (e.g., Same-Origin Policy, Content Security Policy, etc.).
- Demonstrated adversarial thinking; prior experience auditing or participating in Capture The Flag (CTF) competitions is a plus.
- Hands-on software development expertise.
- Experience across the software development life cycle: building, testing, shipping, and releasing code into production.
- Comfort working in open source development.
Nice To Haves
- WebAssembly
- JavaScript/TypeScript
- Web browser extension APIs
- Rust
Responsibilities
- Implement security-sensitive components of the WEBCAT browser extension.
- Analyze and provide feedback to draft specifications for code integrity and transparency in the browser context, as well as potentially author or co-author technical proposals.
- Work independently and communicate progress in regular check-ins with other FPF engineering staff.
- Collaborate with other engineers and researchers at FPF and externally to identify and mitigate security threats.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Part-time
Career Level
Mid Level
Education Level
No Education Listed
