Magento 2 Security Incident Cleanup, Malware Audit and Hardening

We need an experienced Magento 2 security developer to investigate and clean a suspected compromise on our live store. Our server management provider identified malicious file uploads in: pub/media/custom_options/quote/ We believe this is related to the recent PolyShell-style unauthenticated file upload issue affecting Magento 2 via the REST API/custom options upload flow. Scope of work: - full Magento security audit - check for malicious PHP, backdoors, webshells, injected JS, and persistence - review core integrity and changed files - review extensions, custom modules, cron jobs, admin users, API/integration access - confirm whether the compromise is limited to pub/media/custom_options/quote/ or exists elsewhere - apply Magento-side hardening recommendations - advise on required Magento security patches / update path - provide a written report of findings and actions taken Important: - This is not a server admin job - Server-side actions are handled separately by our hosting provider - We need someone with proven Magento 2 security incident response experience Please reply with: 1. your Magento security experience 2. similar incidents you have handled 3. your approach for malware cleanup and integrity verification 4. whether you prefer fixed price or hourly 5. your availability to start immediately "