Svitla Systems, Inc.Remote
SENIOR LINUX OS SECURITY ENGINEER
United States of America
Full Time
1 hour ago
H1B Sponsor Likely
Key skills
Linux systems engineeringLinux operating systemsDebianRHELUbuntuAlpineOS package managementaptrpmdnfapkOS package patchingLinux internalsprocess managementmemory managementfilesystemsystem librariesglibcopenssldependency resolutionABI compatibilitypackage lifecycle managementcontainer internalsLinux runtime behaviorCVE remediationSBOMssoftware provenanceartifact signingartifact trust modelssupply chain security frameworksSLSAreproducible buildsPython programmingBash scriptingGo programmingC programmingC++ programmingCI/CD pipelinesLinux debuggingbuild environmentsPythonC++CGoBashCI/CD
About this role
Svitla Systems Inc. is looking for a Senior Linux OS Security Engineer for a full-time remote position in the USA. The role involves designing, building, and maintaining secure Linux-based operating system components, focusing on vulnerability identification and remediation in OS packages and ensuring secure container images are delivered at scale.
Responsibilities:
- Own end-to-end CVE remediation across Linux OS packages and system libraries
- Analyze vulnerabilities affecting core OS components (glibc, OpenSSL, kernel modules, runtime libraries, etc.)
- Validate upstream fixes and determine patching or backporting strategies
- Rebuild, patch, and curate OS packages across multiple Linux distributions (Debian, RHEL, Alpine, etc.)
- Build and maintain secure, minimal, production-ready container images
- Remove unnecessary packages and reduce the image attack surface
- Ensure OS-level changes propagate safely into container environments
- Validate image integrity, compatibility, and runtime stability
- Generate and maintain SBOMs for OS packages and container images
- Implement provenance, signing, and artifact trust mechanisms
- Ensure reproducible and verifiable builds across OS components
- Strengthen software supply chain security across all image pipelines
- Design and scale automated pipelines for OS patching, package rebuilding, and image generation
- Integrate CVE scanning, remediation, and validation into CI/CD workflows
- Build tooling for OS-level dependency tracking and vulnerability analysis
- Improve build efficiency, reliability, and reproducibility
Requirements:
- 5+ years of experience in Linux systems engineering, OS engineering, platform engineering, DevSecOps, or release engineering
- In-depth understanding of Linux operating systems and distributions (Debian, RHEL, Ubuntu, Alpine)
- Strong knowledge of OS package management systems (apt, rpm, dnf, apk)
- Hands-on experience patching, rebuilding, or maintaining OS packages
- Strong understanding of Linux internals (processes, memory, filesystem, system libraries)
- Experience working with system-level libraries and dependencies (glibc, openssl, etc.)
- Advanced knowledge of dependency resolution, ABI compatibility, and package lifecycle management
- Experience with container internals and Linux runtime behavior
- Experience remediating CVEs in OS packages and container environments
- Understanding of SBOMs, software provenance, signing, and artifact trust models
- Familiarity with supply chain security frameworks (e.g., SLSA, reproducible builds)
- Strong experience in scripting/programming in Python, Bash, Go, or C/C++
- Experience building CI/CD pipelines for OS or system-level build processes
- Expertise in debugging across Linux systems and build environments
- Experience contributing to or maintaining Linux distributions or open-source OS projects
- Experience building minimal, distroless, or hardened container images
- Familiarity with package build infrastructure (Koji, OBS, Launchpad, mock, etc.)
- Experience with kernel hardening or low-level OS security modules
- Knowledge of large-scale container security platforms
- Contributions to open-source security, Linux, or container ecosystems