Senior Security & Compliance Engineer - eLxr (5+ years)
ACL Digital - Austin, TX
Job Description
About the opportunity

We are seeking a highly skilled Security & Compliance Engineer to lead security initiatives for eLxr, our Debian-based operating system. This role is critical to ensuring compliance, security hardening, and audit readiness across all components of our ecosystem, including OS images, installers, CI/CD pipelines, and entitlement systems.

Responsibilities & Accountabilities

Drive adherence to FIPS, STIG, CIS benchmarks, and Secure Development Lifecycle (SDL) practices.
Manage encryption tools (e.g., OpenSSL and related libraries) and ensure cryptographic compliance.
Security & Compliance: Implement and maintain segmentation, secrets management, certificate lifecycle processes, and least privilege access controls. Ensure audit readiness and compliance with industry standards.
Image & Installer Management: Oversee generation of OS images (.iso, qcow2, container images) and maintain secure OS installer workflows.
CI/CD & Backend Systems: Secure CI pipelines and entitlement backend systems, ensuring integrity and compliance throughout build and deployment processes.
Vulnerability Management: Monitor CVEs, manage vulnerability remediation, and coordinate timely patching and fixes.
Secure Boot & Encryption: Implement and maintain secure boot processes.
Security Testing: Develop and execute security testing strategies, including regression and final build validation.
Web Properties & Portals: Ensure security and compliance across all sites (.org, .pro, .dev) and entitlement portals.

Required Qualifications:

Bachelor's degree in Computer Science, Cybersecurity, or related field (or equivalent experience).
5+ years of experience in Linux security engineering, preferably with Debian or derivatives.
Strong knowledge of compliance frameworks (FIPS, STIG, CIS) and SDL practices.
Hands-on experience with secure boot, encryption tools, and vulnerability management.
Proficiency in CI/CD security, image generation, and OS installer processes.
Familiarity with CVE tracking, patching baselines, and audit readiness.
Excellent problem-solving and communication skills.

Preferred Skills:

Experience with container security (Docker, Podman).
Knowledge of entitlement systems and license management.
Familiarity with large-scale Linux deployments and automation tools (Ansible, Puppet, etc.).
Contributions to open-source projects.
Created: 2026-03-10