Vulnerability Data Entry Analyst
Remote - United States
Defiant is a small, dynamic, fast-growing, and profitable company with loyal customers who love our products and services. We are the global leader in WordPress security, protecting over 4 million websites.
We are looking for a Vulnerability Data Entry Analyst with a focus on WordPress to join our Threat Intelligence team. In this role, you will be expected to find and process WordPress plugin, theme, and core related vulnerability data to create comprehensive vulnerability entries that will be stored in a database. This will involve reviewing vulnerability records, finding resources to validate the vulnerability records, and populating the data needed to complete those records.
This is a contract position with a strict deadline for completion of the outlined tasks; expected 30 - 40 hours of work per week for approximately 9 weeks.
The hourly rate is $30 - $40USD depending on experience with a $1,000 one time hiring bonus. $500 bonus every 3 weeks when performance indicators are met with quality work.
You'll work with a talented and highly-motivated team that is friendly, fast-moving, self-managing, and highly capable with a sense of humor. Our team's family time is important; we won't typically require long hours when we can avoid it, which is almost always. Our entire team works remotely using Slack for casual interaction, so you can live practically anywhere in the World if you have an Internet connection. There's no micro-management here—we trust that you will see tasks through to completion and communicate with your fellow team members when needed or ask for help when needed.
At Defiant, ‘trust’ is the attribute we value most highly among our team members. We need to know that you can grab a task, communicate clearly with stakeholders, and see the task to completion with superb attention to detail.
We use apps like Slack, FogBugz, GitHub, and Google Apps for our workflow.
- Process and create vulnerability entries for WordPress related vulnerabilities. This consists of calculating a CVSS score, choosing an appropriate CWE based on vulnerability type, writing an accurate description that details the impact of a vulnerability, finding and populating external resources that provide data on a vulnerability, validating affected version ranges along with patched versions, and more.
- Performing reconnaissance to find resources on vulnerabilities that can assist in populating vulnerability data.
- Researching and validating historical vulnerability data to populate new vulnerability entries.
Our ideal candidate has:
- Certifications related to Data Entry or Information Security.
- Experience with vulnerability research in the WordPress ecosystem.
- Ability to easily identify patched vulnerabilities based on changesets in WordPress software, like plugins and themes.
- Ability to validate vulnerabilities through publicly available proof of concepts or through the creation of proof of concepts.
- Ability to assign Common Vulnerability Scoring System(CVSS) scores to WordPress software related vulnerabilities accurately.
- Familiarity with the Common Vulnerability Scoring System(CVSS).
- Familiarity with Common Weakness Enumeration(CWE) and ability to assign an appropriate CWE for different vulnerability types.
- Experience performing data entry related tasks where some technical proficiency and additional analysis is required prior to data entry.
- Experience writing short descriptions for vulnerabilities.
- Experience with web application based vulnerabilities, such as WordPress plugin, theme, and core vulnerabilities.
- Ability to process large amounts of data consistently and accurately with minimal mistakes.
- The ability to speak and write fluently in English.
- Excellent analytical ability
All positions require a trial period of approximately 2-3 weeks with a minimum commitment of 10 hours per week. You will be paid for this short-term contract, and it will be used to evaluate whether both parties want to pursue an ongoing, regular employment relationship.
All offers of employment are contingent on successful completion of a background check. The results of the background check are considered as they relate to the position and do not automatically disqualify someone from a offer of employment with the company.
Telecommuting with a company that has been 100% remote for over 8 years.
Diversity at Defiant
We value diversity and do not discriminate based on race, color, religion or creed, national origin or ancestry, sex, age, physical or mental disability, military or veteran status, gender identity or expression, marital status, sexual orientation, political ideology, economic status, parental status, or any other non-performance-related status.
Other jobs like this
Information Security AnalystAudits C Incident response ISO 27001 Risk management SaaS SOC 2
401(k) matching Career development Competitive pay Flex hours Flex vacation +5
Information Security AnalystAgile Automation CCPA GDPR Incident response Monitoring NIST PCI Penetration testing Security assessments +5
401(k) matching Career development Flex hours Flex vacation Health care +3
Associate Threat Analyst - SIEM monitoring (7am-4pm PDT, Tues-Sat)DevOps IDS Incident response IPS Linux Monitoring Python SIEM Threat intelligence Vulnerabilities +1
401(k) matching Career development Health care
Information Security AnalystAudits FinTech Incident response Monitoring Penetration testing Risk management Threat detection Vulnerability management
401(k) matching Health care Insurance Medical leave Parental leave +2
Explore more Cyber Security career opportunities
Find open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Analysis, Cryptography, Digital Forensics and Cybersecurity in general, filtered by job title or popular skill, toolset and products used.
- Open Cyber Security Engineer jobs
- Open Staff Application Security Engineer jobs
- Open Penetration Tester jobs
- Open Senior DevSecOps Engineer jobs
- Open Application Security Engineer/Architect jobs
- Open Senior Security Operations Engineer jobs
- Open Cyber Threat Intelligence Analyst jobs
- Open Staff Security Engineer jobs
- Open Lead Security Engineer jobs
- Open SOC Analyst jobs
- Open Cyber Security Analyst jobs
- Open Sr. Security Engineer jobs
- Open Information System Security Officer (ISSO) jobs
- Open Cybersecurity Engineer jobs
- Open Senior Information Security Engineer jobs
- Open Head of Information Security jobs
- Open Senior Penetration Tester jobs
- Open Senior Information Security Analyst jobs
- Open Senior Threat Intelligence Analyst jobs
- Open Cloud Security Automation Specialist jobs
- Open Cloud Security Operations Lead jobs
- Open Offensive Security Engineer jobs
- Open Information Security Officer jobs
- Open Azure Security Engineer jobs
- Open Security Operations Analyst jobs
- Open DevOps-related jobs
- Open Application security-related jobs
- Open Audits-related jobs
- Open Analytics-related jobs
- Open PCI-related jobs
- Open OWASP-related jobs
- Open Threat intelligence-related jobs
- Open Clearance-related jobs
- Open Security assessments-related jobs
- Open IDS-related jobs
- Open Forensics-related jobs
- Open Ruby-related jobs
- Open Splunk-related jobs
- Open Encryption-related jobs
- Open CEH-related jobs
- Open CISM-related jobs
- Open GDPR-related jobs
- Open Open Source-related jobs
- Open Agile-related jobs
- Open OSCP-related jobs
- Open Threat detection-related jobs
- Open Machine Learning-related jobs
- Open Intrusion detection-related jobs
- Open DevSecOps-related jobs