Careers at Wordfence

Senior PHP Developer with Security Emphasis

Are you passionate about security? How about being able to work anywhere on the planet? On a beach in Hawaii or taking your lunch break fly fishing a stream in Alaska. Or perhaps you’d rather be close to your home town near friends and family instead of commuting to a big city with the herd every day.

We are one of the fastest growing cyber security companies in the World. You will be working for us remotely full-time, with full benefits including platinum level medical, dental, 401K, gym reimbursement, company paid security certifications (CISSP, Security+) and conferences.

We are a team of fast moving, nimble, self managing innovators who work in a relaxed atmosphere with a sense of humor. Rather than working for a mega-corp, you will be working in a company where your work has real impact.

Wordfence has experienced incredible growth in the past 3 years and you will be joining the team during a time of steep growth. Our team is 100% remote. Everyone in the company works from wherever they want to work. Most of us are based in the USA and we have international team members in many other countries from Europe to Scandinavia to North Africa and more.

Wordfence has security built into our DNA. Whether you’re a customer service engineer, security analyst, QA engineer, developer or ops engineer, you have a deep interest and passion for security. You will be working with team members who are incredibly talented, well known in the security community and who are from a diverse range of backgrounds.

We use apps like Slack, GitHub, Fogbugz and Dropbox for our workflow. Each team member is World-class at what they do. We have flexible working hours and we are a diverse team ranging in age and location.

All permanent positions will involve a trial period of approximately 2 weeks with a minimum commitment of 10 hours per week. You will be paid for this time and it will be used to evaluate whether both parties want to pursue a permanent position.

Here are some of the core skills we look for in team members:

  • A willingness to grab whatever task is required of you and run with it. This may include work outside of your core tasks. We are a small team and everyone needs to pitch in.
  • A high level of productivity and self-management.
  • Must be comfortable working remotely and interfacing with other team members using Slack and other remote tools.
  • Excellent analytical ability and problem solving skills.
  • A strong work ethic.
  • Effective communication skills. This is critical for remote workers and we can’t emphasize this enough. You will spend a significant amount of time interfacing with our customers and/or other team members through your keyboard and it’s critically important that you can effectively convey your thoughts.


  • PHP including object oriented PHP. You need to write clean, high performance and maintainable code.
  • Ability to collaborate with a dev team and QA team using standard tools like github and fogbugz and text and voice chat.
  • The ability to produce high quality, performant, production ready and maintainable code.
  • Ability to solve sometimes complex algorithmic or security challenges and implement those in code that gets shipped.
  • Ability to maintain a regular 2 week release cycle that includes QA.
  • Knowledge of git a requirement. Subversion helps.
  • Strong understanding of regex including syntax, ability to create effective regexes and regex performance issues.
  • MySQL including the ability to write well performing SQL, ability to design schemas and an understanding of MySQL data types and performance.
  • Strong knowledge of web server platforms like Apache, Nginx and similar is a requirement. Special emphasis on Apache due to its popularity.
  • Must be comfortable using Linux and comfortable with Linux administration.
  • HTML, CSS, Javascript and jQuery a requirement.
  • Understanding of common web vulnerabilities required.
  • Vulnerability research – ability to identify vulnerabilities in code is a requirement.
  • WordPress experience a strong plus – including ability to use the WordPress plugin API. If you lack WordPress experience, equivalent experience with Laravel is acceptable.
  • Node.js a strong plus.
  • A keen interest in infosec. Credentials like Security+, CISSP or pen-testing certifications a strong plus.
  • Knowledge of other languages a strong plus.
  • IPv4 and IPv6, TCP/UDP and general TCP/IP networking knowledge is a strong plus.
  • Experience with pen testing tools like nmap, Kali, sqlmap and others a strong plus.
  • Ability to write proof of concept exploits in PHP to test PHP vulnerabilities is a strong plus.


This is a full-time, remote position with flexible hours. You are able to set your own schedule and work from anywhere.

  • ​Platinum level PPO medical plan with dental and vision included. Company pays 100% of the premiums for employees and 50% for dependents.
  • 21 days PTO per year
  • 401k with matching contributions
  • Opportunities to attend security conferences (the team went to RSA and Defcon in 2016)
  • Company paid local gym membership
  • Company paid fees and study time provided for work related educational courses and security certifications such as Security+, CEH and CISSP.
  • You will receive a new laptop (Macbook Pro or equivalent) and any items needed to create a successful work environment at home.


Apply For This Position

Get the latest WordPress security updates and news

Sign up for WordPress security alerts, Wordfence product updates and security news via email.