WordPress Security Specialist – Remote

As a WordPress Security Specialist, you will serve as the frontline defender against vulnerabilities, attacks, and breaches affecting our clients' websites. Your responsibilities include conducting deep security audits using tools like WPScan and Wordfence; implementing web application firewall rules and brute force protection using services like Cloudflare and Sucuri; recovering hacked websites through malware removal, backdoor detection, and post-incident forensics; and hardening server configurations via secure server directives, PHP tweaks, and role-based access management. You will also be tasked with setting up two-factor authentication, login lockdowns, and monitoring systems to detect threats in real-time via alerts and log analysis while ensuring sites remain patched and secure.

Ideal candidates hold certifications such as the WP Security+ or OSCP and have 3+ years of direct WordPress security experience conducting malware cleanups and patching vulnerabilities. Expertise in Linux server administration along with knowledge of technologies such as Apache, Nginx, and ModSecurity is essential. Proficiency with popular WordPress security plugins is also required. The ability to clearly explain technical security risks and recommended solutions to non-technical stakeholders is important. Experience with PCI compliance or GDPR for eCommerce platforms and automated backup solutions is beneficial. This is a 100% remote role offering flexible hours while protecting enterprise clients as part of a leading cybersecurity firm. Continuous