
Senior OS Engineer — Linux Security & Container Supply Chain
RapidFort, Inc.about 2 months ago
Remote, WorldwideSenior
Base Salary
$150k - $200k/yr
Responsibilities
- Own end-to-end CVE remediation across Linux OS packages and system libraries.
- Analyze vulnerabilities affecting core OS components.
- Validate upstream fixes and determine patching or backporting strategies.
- Rebuild, patch, and curate OS packages across multiple Linux distributions.
- Build and maintain secure, minimal, production-ready container images.
- Remove unnecessary packages and reduce image attack surface.
- Ensure OS-level changes propagate safely into container environments.
- Validate image integrity, compatibility, and runtime stability.
- Generate and maintain SBOMs for OS packages and container images.
- Implement provenance, signing, and artifact trust mechanisms.
- Ensure reproducible and verifiable builds across OS components.
- Strengthen software supply chain security across all image pipelines.
- Design and scale automated pipelines for OS patching, package rebuilding, and image generation.
- Integrate CVE scanning, remediation, and validation into CI/CD workflows.
- Build tooling for OS-level dependency tracking and vulnerability analysis.
- Improve build efficiency, reliability, and reproducibility.
- Partner with platform, DevOps, infrastructure, and security teams.
- Work closely with engineering teams to integrate secure OS layers into product pipelines.
- Support production environments with stable, secure OS baselines.
Requirements
- 5+ years in Linux systems engineering, OS engineering, platform engineering, DevSecOps, or release engineering.
- Deep expertise in Linux operating systems and distributions.
- Strong experience with OS package management systems.
- Hands-on experience patching, rebuilding, or maintaining OS packages.
- Strong understanding of Linux internals.
- Experience working with system-level libraries and dependencies.
- Deep knowledge of dependency resolution, ABI compatibility, and package lifecycle management.
- Experience with container internals and Linux runtime behavior.
- Experience remediating CVEs in OS packages and container environments.
- Understanding of SBOMs, software provenance, signing, and artifact trust models.
- Familiarity with supply chain security frameworks.
- Strong scripting/programming ability in Python, Bash, Go, or C/C++.
- Experience building CI/CD pipelines for OS or system-level build processes.
- Strong debugging skills across Linux systems and build environments.
Benefits
- Competitive benefits package including health, dental, and vision insurance.
- Paid time off.
- Equity participation.