Save Share Apply
About the Role

Umbraco is looking for a Developer to help us strengthen the security of both our open-source CMS, our hosting platform, Umbraco Cloud and other packages supported by Umbraco HQ.

You’ll take the lead on analyzing incoming vulnerability reports submitted via our security disclosure process, working closely with engineering teams to reproduce, triage, and ensure issues are resolved appropriately.

You’ll also coordinate external penetration tests at least twice a year—typically around major releases—with the flexibility to support more frequent testing when needed.

Familiarity with GitHub Security Advisories is a plus. So is experience with our core tech stack (C# / .NET), and hands-on experience with Umbraco CMS—whether through development, extensions, or certifications.

Responsibilities
  • Analyze and reproduce vulnerability reports affecting Umbraco CMS and Umbraco Cloud.
  • Collaborate with internal teams to assess risk, prioritize, and coordinate resolution.
  • Track and document issues clearly for internal visibility and decision-making.
  • Coordinate penetration testing efforts with external vendors at least twice per year (or more as needed).
  • Manage and publish GitHub Security Advisories for the CMS when relevant.
  • Support continuous improvement of secure development practices and awareness.
  • Contribute to the development of our products and services by reading, writing, and debugging code when needed, especially in relation to resolving security issues or improving security posture.
Requirements
  • Strong software development background and ability to work in large codebases.
  • Understanding of web application security, including common vulnerability patterns.
  • Clear communicator with experience documenting and following up on technical issues.
  • Experience working with cross-functional teams across engineering, DevOps, and product.
  • Bonus: Familiarity with GitHub Security Advisories.
  • Bonus: Experience with C# / .NET (our core tech stack).
  • Bonus: Hands-on experience building with Umbraco CMS, or holding Umbraco certifications.
  • Bonus: Exposure to SaaS platform security or cloud-hosted environments.
Practicalities

Starting date: As soon as possible
Location: Umbraco HQ, Odense, Denmark
Team: InfoSec
Department: Product & Engineering
Type: Full-time (37 hours/week)

Perks of working at Umbraco
  • Great opportunities for career advancement
  • Family-friendly and flexible working hours
  • Opportunities for public speaking and conference attendance
  • Cozy office environment at our headquarters in Odense
  • Twice-yearly full-company gatherings for Codegarden and "Company Week"
  • Company lunch program (if working at HQ)
  • Pension and healthcare insurance (depending on location)
Application

No cover letter required – just send us your CV and a short paragraph telling us why you’re the right fit. In your paragraph, touch on (a) a win you’re proud of and (b) why you think Umbraco’s culture is right for you. You may submit a cover letter if that is your thing.


We aim to fill this position as soon as possible and will conduct interviews within the next weeks.

So, what are you waiting for? Now is your chance to join the fun, friendly, and ambitious team at Umbraco!

Please note in your application that you found the job at Jobindex

Apply