wordpress security – need experienced developer ASAP

Malware has been injected in the index.php file of a client’s WordPress site. The malicious code in question is added on line 1 of index.php. Our site host has removed the code for the second time in as many days, so we suspect it’s getting in via a plugin. We need a WordPress developer with security experience ASAP. Can you help?