Engineering Manager (Security Research)
Мэтч & Сопровод
Для мэтча с этой вакансией нужен Plus
Описание вакансии
TL;DR
Engineering Manager (Security Research): Leading four teams responsible for delivering security patches for end-of-life and non-EOL open-source language runtimes and frameworks with an accent on CVE analysis and vulnerability assessment. Focus on setting technical direction for patch backporting, improving engineering processes, and integrating AI-assisted automation for vulnerability discovery.
Location: Fully remote, available to work from any location worldwide
Company
TuxCare (by ) offers a portfolio of security solutions for Linux and open-source software aimed at enterprise organizations.
What you will do
- Lead and develop four engineering teams (~18 engineers) specializing in Java, JavaScript/Go, Python, and PHP.
- Set and enforce standards for CVE analysis, vulnerability assessment, patch backporting, and security release processes.
- Drive consistency in tooling and workflows, including CI/CD pipelines and release processes.
- Evaluate and implement AI-assisted automation for backporting and vulnerability discovery.
- Own SLA compliance across all language platforms and align delivery with client expectations.
- Manage hiring plans, performance reviews, and career development for reports.
Requirements
- 6+ years of hands-on software development experience across multiple language ecosystems.
- 3+ years of engineering leadership experience (Team Lead or EM) in a product company.
- Strong Java experience is required.
- Hands-on experience with security research, CVE triage, or patch backporting.
- Experience with CI/CD systems (GitLab CI, Jenkins) and dependency management (Maven, npm, pip, Go modules).
- English: Upper-intermediate (B2) or higher required.
Nice to have
- Experience identifying and analyzing vulnerabilities in language-ecosystem applications.
- Understanding of the security vulnerability lifecycle (CVE, CVSS, CWE, CSAF/VEX).
- Background in open-source security, supply chain security, or ELS-type products.
- Experience integrating AI tooling into research or patching workflows.
- Knowledge of Docker, Kubernetes, or cloud-native ecosystems.
Culture & Benefits
- Fully remote work with flexible hours, allowing you to work from any location worldwide.
- Professional development focus with mentorship and knowledge-exchange programs.
- 24 days of paid vacation, 10 national holidays, and unlimited sick leave.
- Compensation for private medical insurance, co-working, and gym/sports memberships.
- Rewards for innovative ideas that the company can patent.
Будьте осторожны: если работодатель просит войти в их систему, используя iCloud/Google, прислать код/пароль, запустить код/ПО, не делайте этого - это мошенники. Обязательно жмите "Пожаловаться" или пишите в поддержку. Подробнее в гайде →