Senior OS Engineer — Linux Security & Container Supply Chain

About The Position

Requirements

• 5+ years in Linux systems engineering, OS engineering, platform engineering, DevSecOps, or release engineering
• Deep expertise in Linux operating systems and distributions (Debian, RHEL, Ubuntu, Alpine)
• Strong experience with OS package management systems (apt, rpm, dnf, apk)
• Hands-on experience patching, rebuilding, or maintaining OS packages
• Strong understanding of Linux internals (processes, memory, filesystem, system libraries)
• Experience working with system-level libraries and dependencies (glibc, openssl, etc.)
• Deep knowledge of dependency resolution, ABI compatibility, and package lifecycle management
• Experience with container internals and Linux runtime behavior
• Experience remediating CVEs in OS packages and container environments
• Understanding of SBOMs, software provenance, signing, and artifact trust models
• Familiarity with supply chain security frameworks (e.g., SLSA, reproducible builds)
• Strong scripting/programming ability in Python, Bash, Go, or C/C++
• Experience building CI/CD pipelines for OS or system-level build processes
• Strong debugging skills across Linux systems and build environments

Nice To Haves

• Experience contributing to or maintaining Linux distributions or open-source OS projects
• Experience building minimal, distroless, or hardened container images
• Familiarity with package build infrastructure (Koji, OBS, Launchpad, mock, etc.)
• Experience with kernel hardening or low-level OS security modules
• Knowledge of large-scale container security platforms
• Contributions to open-source security, Linux, or container ecosystems

Responsibilities

• Own end-to-end CVE remediation across Linux OS packages and system libraries
• Analyze vulnerabilities affecting core OS components (glibc, openssl, kernel modules, runtime libraries, etc.)
• Validate upstream fixes and determine patching or backporting strategies
• Rebuild, patch, and curate OS packages across multiple Linux distributions (Debian, RHEL, Alpine, etc.)
• Build and maintain secure, minimal, production-ready container images
• Remove unnecessary packages and reduce image attack surface
• Ensure OS-level changes propagate safely into container environments
• Validate image integrity, compatibility, and runtime stability
• Generate and maintain SBOMs for OS packages and container images
• Implement provenance, signing, and artifact trust mechanisms
• Ensure reproducible and verifiable builds across OS components
• Strengthen software supply chain security across all image pipelines
• Design and scale automated pipelines for OS patching, package rebuilding, and image generation
• Integrate CVE scanning, remediation, and validation into CI/CD workflows
• Build tooling for OS-level dependency tracking and vulnerability analysis
• Improve build efficiency, reliability, and reproducibility
• Partner with platform, DevOps, infrastructure, and security teams
• Work closely with engineering teams to integrate secure OS layers into product pipelines
• Support production environments with stable, secure OS baselines

Benefits

• health, dental, and vision insurance
• paid time off
• equity participation