React/Next.js Developer with Web Security Experience (Fix Scam Pop-Ups)

---

About Us: We are a trusted media partner with deep roots in the community committed to providing radio broadcasting, digital marketing, social media management, and more. We are currently facing an issue with scam pop-ups on our news websites, built with React and Next.js, and need an expert to help identify the source, fix the problem, and implement robust security measures moving forward. Job Overview: We are looking for a talented React/Next.js Developer with expertise in web security to assist us in resolving an ongoing issue with scam pop-ups on our site. The ideal candidate will have extensive experience with React.js, Next.js, and web security best practices. This role will focus on debugging the code, identifying vulnerabilities, and implementing secure coding practices to ensure that such issues do not arise in the future. Key Responsibilities: Audit and Debug the website's code to identify and resolve the source of scam pop-ups. Examine Third-Party Integrations and dependencies (e.g., ads, analytics) to ensure no malicious code is being loaded. Implement and configure security headers (e.g., Content Security Policy, HTTP Strict Transport Security) to protect against future injections. Implement best practices for secure rendering in React and Next.js, including sanitizing user inputs and avoiding dangerous methods like dangerouslySetInnerHTML. Penetration testing and vulnerability scanning to uncover any other security risks. Work with the team to integrate secure APIs and ensure that all data handling practices follow best security protocols. Collaborate with the broader development team to ensure the website is optimized for performance while maintaining top-tier security. Provide recommendations and ongoing monitoring strategies to prevent malicious scripts or ad pop-ups. Required Skills and Experience: Proven experience with React.js and Next.js (at least 2 years of experience). Strong understanding of JavaScript, JSX, and modern front-end technologies. Expertise in web security, particularly in preventing and fixing issues like Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), and injection attacks. Experience with security tools and practices like Content Security Policies (CSP), Secure HTTP Headers, and input validation/sanitization. Familiarity with web application vulnerabilities, including techniques for testing and preventing code injection and malicious script loading. Experience working with third-party integrations (e.g., ads, analytics) and understanding their potential risks. Familiarity with npm audit or similar tools for identifying vulnerabilities in dependencies. Experience working in remote teams (if applicable). Strong problem-solving and debugging skills. Ability to work independently and communicate effectively in a remote setting. Preferred Skills: Experience working with CI/CD pipelines for security and vulnerability scanning. Familiarity with modern web application monitoring tools. Experience with full-stack development (backend knowledge is a bonus). Knowledge of server-side security and infrastructure best practices. How to Apply: Please submit your resume and a cover letter outlining your experience with React/Next.js development and web security, particularly how you’ve handled similar issues (such as scam pop-ups, code injections, etc.). If possible, please provide examples of previous projects where you have resolved security vulnerabilities or handled scam-related issues. Why Join Us: Opportunity to work on high-impact projects that help secure and improve our user experience. Collaborative and supportive remote team. About the Scam Pop-Up Issue: We’ve been experiencing persistent scam pop-ups that disrupt the user experience on our website. These pop-ups are appearing despite no obvious connection to our internal systems, and we need an expert to identify whether they’re being caused by external ad networks, security vulnerabilities in the code, or other malicious factors. Final Notes: The role will begin with a thorough review of the site, security testing, and bug fixing, followed by an ongoing role in monitoring and maintaining the security of the platform. If you have specific experience with fixing issues like ad fraud, malicious pop-ups, or injected scripts, we’d love to hear about it.

Keyword: Web Development

Next.js PostgreSQL NGINX React JavaScript CSS Node.js HTML