Security Developer

نشر بواسطة fevrokbot منذ 3 أشهر

وصف الوظيفة

Headquarters: College Park, Maryland, USA

Type of Position: Contractor, Full-Time, 8 months Contract


Anytime, Anywhere, Any Computer Access. We’re an international coalition of individuals and organizations dedicated to ensuring that the Internet, and everything available through it, is accessible to people with accessibility barriers due to disability, literacy, digital literacy, or aging, and regardless of their economic resources. Our vision is to revolutionize the landscape of assistive technology by creating an infrastructure to facilitate the development, distribution, and support of a wide range of affordable accessibility solutions around the world. That is, the Global Public Inclusive Infrastructure (GPII).


You will help a team of bright and talented developers located across continents who are passionate about our vision, that of radically improving the access to technology. How? By helping to develop associated system that supports the “portability” of user preferences across any platform or device -- that makes it easier for anyone to be able to have the technology they encounter automatically change into a form they can understand and use.


  • Work with the development team to secure the Global Public Inclusive Infrastructure (GPII) application and architecture against attacks and intrusion.
  • Advise on regulations and laws that GPII needs to comply with, including a specific list of concrete technologies and processes that need to be implemented in different scenarios where the GPII applications will be used with (public cloud, on premises servers, etc.) so the application is compliant.
  • Identify common threats that the GPII may be vulnerable to, assessing the extent to which we have strategies for protecting against them, and devising and co-implementing an architecture for protecting against those issues that we don’t currently address, e.g., credentials theft, etc.
  • Work with the infrastructure team to set up an automated, periodic security audit system using a security scanner/reporting tool (e.g. Nessus, Metasploit, etc) and expose / synthesize results.



  • 10+ years experience implementing code for secure web-based authorization flows, especially including, but not limited to OAuth 2.
  • Experience developing (and preferably also securing) Node.js applications. 
  • Worked in practice with one or more of the commonly deployed OAuth 2 API profiles, such as those deployed by Facebook, Twitter, Google, GitHub etc. and have implementation experience of working with the libraries (preferably in JavaScript) that support these. 
  • Experience in securing communications at the transport level, including securing TLS negotiation, certificate management and DNSSec. 
  • Familiar with the underlying algorithms and libraries which are invoked during the process of setting up a secure connection to an HTTPS server, and how this process may be subverted, and be able to set up test fixtures which probe an installation for vulnerabilities in this area (either by writing code or by configuring a prebuilt toolkit).
  • Knowledge and experience deploying, maintaining, and using security scanning/reporting software (e.g. Nessus, Metasploit, arachni, w3af, etc.), including using fuzzing techniques.
  • Experience securing applications on multiple operating systems including Windows, Linux and Mac.
  • Experience working in and submitting pull requests to open source projects, applying software development methodologies and strategies appropriate to open source collaboration.
  • Experience writing comprehensive unit and acceptance tests for all aspects of the developed.

To apply: Funding for the project is managed by the University of Maryland. To apply, you should register in eMaryland Marketplace at and apply by 16-June-2017. Search for bid: MDUMPC31033239

متطلبات الوظيفة

تفاصيل الوظيفة متطلبات الوظيفة
الراتب الشهري غير محدد مستوى الأقدمية غير قابل للتطبيق
المجال IT الدور الوظيفي Other
نوع التوظيف دوام كامل العطل 0
المهارات javascript,node,java,api,intern,aws,cloud,ios,git,ux,linux,dns,security,infrastructure
العنوان 42865
الوظيفة غير نشطة

هل توظف ؟