OSS-SIRT Engineer Contract to Hire - The Linux Foundation

Key Responsibilities

• Lead the Open Source Software Security Incident Response Team (OSS‑SIRT) in detecting, analyzing, and mitigating security incidents across open‑source projects.
• Perform vulnerability triage, root‑cause analysis, and coordinate timely remediation with upstream maintainers.
• Develop and maintain automated tooling and scripts (Python, Bash) for incident detection, data collection, and reporting.
• Integrate security checks into CI/CD pipelines to ensure continuous protection of code repositories.
• Collaborate with cross‑functional teams, including developers, security researchers, and community contributors, to improve security best practices and incident handling processes.

Requirements

• Strong experience with Linux systems administration and command‑line tooling.
• Proficiency in Python and Bash scripting for automation and analysis.
• Hands‑on experience in security incident response, vulnerability management, and open‑source security ecosystems.
• Familiarity with CI/CD platforms (e.g., Jenkins, GitHub Actions, GitLab CI) and integrating security controls.
• Excellent communication skills and ability to work collaboratively with diverse open‑source communities.