In coordination with FPF’s other engineers and researchers, the contractor will:
Conduct application security reviews across SecureDrop components.
Assist in performing threat modeling for new features and architectural changes.
Review pull requests and design documents with a focus on the security properties of new features and the security implications of architectural changes.
Assist in preparing materials for and reviewing findings from third-party security audits.
Advise on hardening strategies for SecureDrop’s deployment environments.
Review and integrate security automation tooling, such as LLMs, static code analyzers, and other tools that can mitigate or discover security vulnerabilities.
At least three-plus years experience designing or attacking secure systems (threat modeling, penetration testing, security assessments, protocol design, etc.).
Production coding experience using at least two of the following: Python, Typescript, or Rust.
Strong working knowledge of Linux systems security (kernel hardening, AppArmor, SELinux, etc.).
Experience identifying and reasoning about browser/web vulnerabilities (XSS) and Electron-specific issues (file handling, IPC, etc.).
Comfort working with open source projects in a collaborative, distributed team environment.
One-plus year of professional experience with Qubes OS, Tails, or other high-security desktop environments.
One-plus year of professional incident response experience.
Using or developing security monitoring tools (e.g., intrusion detection systems, file integrity monitoring).
Familiarity with Tor, onion services, OpenPGP, and other privacy-enhancing technologies.
This is a part-time, hourly contract — the contractor will be paid at a rate of USD $80 per hour, up to 30 hours per week, invoiced on a monthly basis. The contractor will be solely responsible for paying any and all taxes incurred as a result of their compensation.
The contract will commence on a mutually agreeable date no later than Aug. 1 for an initial duration of six months, with the possibility of renewal.
If you would like to be considered for this opportunity, please submit the following:
A brief statement of interest (one-page maximum), which includes your availability (hours per week in U.S. Eastern time and any known constraints). Please do so by including that text in the space labeled “Cover Letter.”
Please be sure to include relevant experience or examples of prior work (links to GitHub, write-ups, audits, etc.).
A CV/résumé.
Job DescriptionDepartment:RetailJob Status:Full TimerWorking Hours:Flexibility in working hours is needed as per the Store opening hours, including weekends & holidays.Location:Store LocationSCOPE OF THE JOBThe Sales Representative is responsible...
...school year, starting in August of 2026. Staff will report to summer PD in July of 2026. The RMP Promise Rocky Mountain Prep is... ...organization that invests deeply in every educator who joins us. Teachers engage in ongoing coaching and professional development, supported...
...a dedicated and passionate attorney for the Eviction Right to Counsel Program. The Eviction Right to Counsel Program is a grant-funded... ...assistance to low- and middle-income renters facing eviction and housing insecurity in Nashville. The attorney will defend low and...
...university partner or internal stakeholders. Qualifications Education ~ Bachelor's degree is required Experience At least 1... ...-being and professional growth: Embrace the flexibility of remote, hybrid, and flexible work options. Access a competitive...
...Felsburg Holt & Ullevig is seeking a motivated Bridge Engineer to join our structures group. Our team works on exciting projects across... ...discipline. Certificates, Licenses, Registrations Engineer Intern (EI/EIT) certification required or ability to obtain within 6...