We’re looking for a website security consultant to do occasional work for us reviewing the deployment of our public website and suggesting and / or implementing changes to help prevent interruption of availability or the execution of malicious code.
This is a contract position that will require occasional work on specific tasks.
This is a work-from-home / casual position.
We’re looking for a website security consultant to look at our public facing website and provide a security audit and recommendations for security procedures to prevent data loss or the successful execution of malicious code (such as the installation of spam SMTP scripts).
Our website is pretty typical of those for mid-size companies: we have a website running on a Joomla / LAMP stack, on a commercial web host that uses cPanel for site management. In our case, we use BlueHost’s dedicated hosting features.
While we maintain site backups and regularly update our open-source site components, we have noticed a steady drumbeat of attacks on our site, probing us with common exploits for popular CMS platforms and site configurations. We want to make certain that we are doing everything appropriate, and possible within the limitations of our technology stack to ensure that our site is not compromised.
We are especially concerned about the possibility of our primary domain being blacklisted in the event that an attacker successfully implements an SMTP spam script. Since we are a defense technology company, it would be detrimental to our brand if our website falls victim to a common exploit.
While commercial web hosts like ours do implement organizational security, we are not able to evaluate how effective their security is.
We would like an audit of our deployment, and recommendations for hardening and maintaining our site security.
The good news is that this is a simple brochureware website, with no ecommerce components and no online client or consumer data that can be stolen or compromised. For this reason, this is a small engagement that should only take a few days to complete.
Experience in the following areas:
Experience in some of the following areas depending on the project and role:
Visit our website at www.kongsberggeospatial.com to learn more about us. If you fulfill the requirements and skills listed above, we look forward to hearing from you.
Due to the volume of applicants, only those selected for an interview will be contacted. We appreciate your interest in Kongsberg Geospatial.