Operations Security Engineer at Wikimedia Foundation
San Francisco, CA, US
Summary

We are looking for an experienced infrastructure engineer with a passion for security and securing systems and networks. We are looking for someone to support Wikipedia and the other Wikimedia projects by enhancing the security of our site(s) infrastructure.

You enjoy the technical challenges associated with managing an infrastructure used by millions of users. You are experienced analyzing infrastructure for common pitfalls, adjusting server and application configuration settings, and implementing new security policies. You will work with the team to help ensure our environment has the latest security patches and best practices needed to keep a top-five web property secured.

Description

Partner with stakeholders, develop, improve and implement infrastructure security policies and processes, in order to protect data integrity and user privacy
Ensure that required security updates are quickly performed across Wikimedia systems and services
Conduct security design and implementation reviews for existing and new Wikimedia infrastructure and services
Perform required security updates to Wikimedia servers and infrastructure.
Support disaster recovery protocols, backup procedures, and routine security audits
Investigate and resolve security incidents
Requirements

3+ years experience in operations security or network security role as part of an operations team
Experience supporting significant scale website infrastructure, with strong focus on open source infrastructure components
Familiarity with vulnerability scanners, intrusion detection systems, forensic tools, logfile analysis, botnet and denial of service response strategies, etc.
Familiarity with network protocols (e.g. TCP/IP, IPv6, Multicast, VRRP, HSRP, DHCP, RADIUS, SNMP)
Familiarity with cryptography and cryptographic protocols (e.g. SSL)
Experience with operating system internals, filesystems, databases, distributed systems, and server architectures
Experience with scripting languages (e.g. Bash, Python, PHP, Ruby) and configuration management (Chef, Puppet, etc.)
Track record of participation in the open source security community
B.S. or M.S. in Computer Science or related field
Pluses

Experience with systems programming languages and debugging/profiling tools (C, gdb, strace, oprofile, etc.)