Назад
Company hidden
3 дня назад

Engineering Manager (Security Research)

Формат работы
remote (Global)
Тип работы
fulltime
Грейд
lead
Английский
b2
Страна
Poland/Armenia/Romania +3 еще
Вакансия из списка Hirify.GlobalВакансия из Hirify RU Global, списка компаний с восточно-европейскими корнями
Для мэтча и отклика нужен Plus

Мэтч & Сопровод

Для мэтча с этой вакансией нужен Plus

Описание вакансии

Текст:
/

TL;DR

Engineering Manager (Security Research): Leading four teams responsible for delivering security patches for end-of-life and non-EOL open-source language runtimes and frameworks with an accent on CVE analysis and vulnerability assessment. Focus on setting technical direction for patch backporting, improving engineering processes, and integrating AI-assisted automation for vulnerability discovery.

Location: Fully remote, available to work from any location worldwide

Company

TuxCare (by hirify.global) offers a portfolio of security solutions for Linux and open-source software aimed at enterprise organizations.

What you will do

  • Lead and develop four engineering teams (~18 engineers) specializing in Java, JavaScript/Go, Python, and PHP.
  • Set and enforce standards for CVE analysis, vulnerability assessment, patch backporting, and security release processes.
  • Drive consistency in tooling and workflows, including CI/CD pipelines and release processes.
  • Evaluate and implement AI-assisted automation for backporting and vulnerability discovery.
  • Own SLA compliance across all language platforms and align delivery with client expectations.
  • Manage hiring plans, performance reviews, and career development for reports.

Requirements

  • 6+ years of hands-on software development experience across multiple language ecosystems.
  • 3+ years of engineering leadership experience (Team Lead or EM) in a product company.
  • Strong Java experience is required.
  • Hands-on experience with security research, CVE triage, or patch backporting.
  • Experience with CI/CD systems (GitLab CI, Jenkins) and dependency management (Maven, npm, pip, Go modules).
  • English: Upper-intermediate (B2) or higher required.

Nice to have

  • Experience identifying and analyzing vulnerabilities in language-ecosystem applications.
  • Understanding of the security vulnerability lifecycle (CVE, CVSS, CWE, CSAF/VEX).
  • Background in open-source security, supply chain security, or ELS-type products.
  • Experience integrating AI tooling into research or patching workflows.
  • Knowledge of Docker, Kubernetes, or cloud-native ecosystems.

Culture & Benefits

  • Fully remote work with flexible hours, allowing you to work from any location worldwide.
  • Professional development focus with mentorship and knowledge-exchange programs.
  • 24 days of paid vacation, 10 national holidays, and unlimited sick leave.
  • Compensation for private medical insurance, co-working, and gym/sports memberships.
  • Rewards for innovative ideas that the company can patent.

Будьте осторожны: если работодатель просит войти в их систему, используя iCloud/Google, прислать код/пароль, запустить код/ПО, не делайте этого - это мошенники. Обязательно жмите "Пожаловаться" или пишите в поддержку. Подробнее в гайде →