Senior Security & Compliance Engineer - eLxr (5+ years)
About the opportunity

We are seeking a highly skilled Security & Compliance Engineer to lead security initiatives for eLxr, our Debian-based operating system. This role is critical to ensuring compliance, security hardening, and audit readiness across all components of our ecosystem, including OS images, installers, CI/CD pipelines, and entitlement systems.

Responsibilities & Accountabilities

- Drive adherence to FIPS, STIG, CIS benchmarks, and Secure Development Lifecycle (SDL) practices.
- Manage encryption tools (e.g., OpenSSL and related libraries) and ensure cryptographic compliance.
- Security & Compliance: Implement and maintain segmentation, secrets management, certificate lifecycle processes, and least privilege access controls.
- Ensure audit readiness and compliance with industry standards.
- Image & Installer Management: Oversee generation of OS images (.iso, qcow2, container images) and maintain secure OS installer workflows.
- CI/CD & Backend Systems: Secure CI pipelines and entitlement backend systems, ensuring integrity and compliance throughout build and deployment processes.
- Vulnerability Management: Monitor CVEs, manage vulnerability remediation, and coordinate timely patching and fixes.
- Secure Boot & Encryption: Implement and maintain secure boot processes.
- Security Testing: Develop and execute security testing strategies, including regression and final build validation.
- Web Properties & Portals: Ensure security and compliance across all sites (.org, .pro, .dev) and entitlement portals.

Required Qualifications:

- Bachelor's degree in Computer Science, Cybersecurity, or related field (or equivalent experience).
- 5+ years of experience in Linux security engineering, preferably with Debian or derivatives.
- Strong knowledge of compliance frameworks (FIPS, STIG, CIS) and SDL practices.
- Hands-on experience with secure boot, encryption tools, and vulnerability management.
- Proficiency in CI/CD security, image generation, and OS installer processes.
- Familiarity with CVE tracking, patching baselines, and audit readiness.
- Excellent problem-solving and communication skills.

Preferred Skills:

- Experience with container security (Docker, Podman).
- Knowledge of entitlement systems and license management.
- Familiarity with large-scale Linux deployments and automation tools (Ansible, Puppet, etc.).
- Contributions to open-source projects.