
Senior Security Engineer - Node.js Proactive Defense (remote-only)

CloudLinux provides a commercially supported operating system optimized for shared hosting providers and data centers, enhancing server stability, security, and resource management.

CloudLinux

Employee count: 201-500

Poland only


CloudLinux is a global remote-first company. We are driven by our principles: do the right thing, employees first, we are remote first, and we deliver high-volume, low-cost Linux infrastructure and security products that help companies increase the efficiency of their operations. Everyone on our team supports one another and does what they can to ensure we are all successful.

Check out our website for more information: https://cloudlinux.com/

Imunify360 Security Suite is a product of CloudLinux Inc., the maker of the #1 OS in security and stability for hosting providers. Imunify is an innovative security solution designed specifically for shared and VPS/Dedicated servers. The automated, easy-to-use solution with the six-layer approach to security delivers comprehensive and complete attack prevention.

What You'll Work On

You will own the Node.js Proactive Defense initiative — a new runtime security layer for Imunify360 that brings the same in-process protection model we already ship for PHP (PHP auto-immunity / blocking of malicious code at runtime) into the Node.js ecosystem.

Today, hosting providers running multi-tenant Node.js workloads have no equivalent of mod_security + PHP Proactive Defense: malicious code, supply-chain payloads, and post-exploitation behavior execute inside the Node.js process with full privileges of the tenant. Your job is to close that gap.

Concretely, you will:

  • Design and ship a Node.js runtime agent that hooks into the V8/Node lifecycle to trace and block malicious behavior patterns (child_process spawn chains, eval / Function constructors, prototype pollution exploitation, unsafe deserialization, SSRF, path traversal, fs writes to sensitive locations, malicious require() / dynamic import chains, supply-chain poisoning at load time).
  • Define the detection model: which behaviors are policy-blockable by default, which are signal-only, and how rules are authored, distributed, and versioned alongside our existing Proactive Defense rule pipeline.
  • Integrate the agent with the rest of the on-host Imunify security stack so that Node.js detections, blocks, and incidents flow into the same telemetry pipeline, the same backend event store, and the same admin UI as our other layers (WAF, host-IDS, brute-force protection, malware scanner, patch management). This ships as a first-class layer of Imunify360, not a standalone tool.
  • Make it production-safe on shared hosting: low overhead, tenant-isolated, compatible with CageFS / LVE, and resilient to hostile tenants who will try to disable or evade the agent.
  • Build the pipeline that turns CVE write-ups and threat-intel feeds into shipped detections. The system — not a human — ingests advisories, extracts the exploit primitive, generates and tests rule candidates against a corpus, and rolls them out with the right signal-only / blocking posture.
  • Own the closed feedback loop from production blocks (true positives, false positives, evasions) back into the next generation of rules.

This is a green-field, security-engineering-led role with direct product impact: the detections you write will run on hundreds of thousands of servers.

Requirements

Must have:

  • Security engineer mindset: thinks in attack surfaces, exploit primitives, and defense-in-depth - not just in OWASP checklists. Can read a CVE writeup and reconstruct the primitive, not just the patch.
  • Runtime/exploitation knowledge across languages: prototype pollution, deserialization, command injection, SSRF, path traversal, supply-chain poisoning - knows why these primitives exist, not just that they have names.
  • Systems-level development: Linux daemons, systemd, privileged processes, IPC, namespaces/cgroups, file-descriptor and signal hygiene.
  • Low-level / instrumentation instinct: has hooked, traced, or intercepted something in production - LD_PRELOAD, eBPF, ptrace, JVM agents, Python sys.settrace, language-runtime preload, kernel modules. The specific tech doesn't matter; the instinct does.

Nice to have:

  • Shared-hosting / multi-tenant Linux experience: LVE, CageFS, control-panel ecosystems, or analogous tenant-isolation work.
  • Comfort working from a CVE and threat-intel feed as primary product input.

Benefits

What's in it for you?

  • A focus on professional development.
  • Interesting and challenging projects.
  • Fully remote work with flexible working hours, which allows you to schedule your day and work from any location worldwide.
  • 24 days of paid vacation per year, 10 days of national holidays, and unlimited sick leave.
  • Compensation for private medical insurance.
  • Co-working and gym/sports reimbursement.
  • Budget for education.
  • The opportunity to receive a reward for the most innovative idea that the company can patent.

By applying for this position, you consent to the processing of your personal data as described in our Privacy Policy (https://cloudlinux.com/candidate-privacy-notice), which provides detailed information on how we maintain and handle your data.

About the job

Job type: Full Time

Hiring timezones: Poland +/- 0 hours

About CloudLinux


CloudLinux is dedicated to enhancing the security, stability, and profitability of Linux for hosting providers and data centers. With a collective experience of over 500 years in Linux, the company is transforming how these entities utilize the technology, extending its benefits to millions of their customers. CloudLinux boasts over 500,000 product installations and serves more than 4,000 customers, including prominent names like Liquid Web, 1&1, and Dell. The company merges profound technical expertise in hosting, kernel development, and open source with exceptional client care. Cloud Linux, Inc. was consolidated into Cloud Linux Software, Inc., which now operates under the TUXCARE trade name (DBA).

The core offering, CloudLinux OS, is specifically engineered for shared hosting environments. It isolates each tenant into a Lightweight Virtualized Environment (LVE), which partitions, allocates, and limits server resources such as CPU, memory, I/O, and the number of processes. This prevents any single user from monopolizing server resources and causing performance degradation or downtime for other users on the same server. This LVE technology is a key differentiator, ensuring a more stable and reliable hosting environment. CloudLinux OS also incorporates features like CageFS, a virtualized file system that encapsulates each user, preventing them from seeing each other's sensitive information or accessing server configuration files. This significantly enhances security in a multi-tenant setup. Furthermore, HardenedPHP ensures the security of the host system by automatically patching older and unsupported PHP versions. The OS is compatible with major control panels like cPanel, Plesk, and DirectAdmin, facilitating easier adoption and management for hosting providers. Beyond the operating system, CloudLinux has expanded its product portfolio with solutions like Imunify360, a comprehensive security suite for Linux web servers, and KernelCare, which provides automated, rebootless kernel patching. The company also initiated AlmaLinux OS, a free, open-source, community-driven enterprise-grade Linux distribution intended as a CentOS alternative, and continues to sponsor the AlmaLinux OS Foundation.

Employee benefits


Competitive pay

CloudLinux offers competitive pay.

Paid vacation

Eligible staffers receive paid vacation.

Medical insurance

Eligible staffers receive medical insurance.

English sessions

CloudLinux offers English language sessions.
