Senior Security Engineer
- Product Development
- Boston, MA or remote
What we're building
At Tidelift, our mission is making open source software work better—for everyone.
We see a world where software development teams get better maintained, more dependable software, and open source creators can get paid for the incredible value they create.
Tidelift is the largest provider of commercial support and maintenance for the community-led open source software behind modern applications. We partner directly with independent project maintainers to make it safer and easier to build with open source, so engineering teams can create even more incredible software, even faster.
We're well-funded and growing fast. You will play a large role in tackling challenging problems and helping build the company, while learning alongside our experienced team.
How you can help
We’re looking for a senior engineer to lead our efforts of coordinating security disclosure with our community of open source maintainers. We want to work with maintainers to ensure that security vulnerabilities are resolved in a timely and responsible fashion and you will be the point person interacting with both the maintainers and anyone reporting potential security vulnerabilities. In addition to the coordination efforts, you will be responsible for shaping how we ingest, categorize, and validate vulnerabilities that we learn about indirectly through other data sources.
This team
We want a team where everyone cares about cares about users, design, building a business, and one another. This team assessment spoke to our developers, and we want the whole company to score highly on similar measures of engagement and work quality as our culture grows.
We want a team where everyone cares about cares about users, design, building a business, and one another. This team assessment spoke to our developers, and we want the whole company to score highly on similar measures of engagement and work quality as our culture grows.
We’re also aiming for work-life harmony: we believe in doing good work, with urgency and pragmatism, but at a sustainable pace. We value big impact over long hours.
Our values
We’re trying to build a healthy, values-driven culture. We want to be:
Optimistic: We see an amazing future ahead, and want to inspire others to share in it. This is both internal—building each other up and looking for the best in people—and external—we know open source is awesome, and we want to make it even better.- Practical: We know words and ideas alone won’t change lives. We help people most by creating a pragmatic, viable, and sustainable business that works for everyone. So we care about usability, design, and honest assessment of costs and benefits.
- Additive: We want an environment that encourages and inspires growth, both for individuals and for the open source community as a whole. That means embracing a growth mindset, and valuing culture add over culture fit.
- Inclusive: We believe technology will be stronger when it better reflects the voices and ideas of society as a whole. So we want people from different backgrounds and experiences to not just be represented, but to be heard, valued, and flourish. We do not tolerate discrimination or harassment.
Logistics
In this role, you would have the option to work remotely from the US or from our offices in Boston, MA or Raleigh, NC.
We believe in the urgency of our mission and the importance of doing good work, but also know this is a marathon and not a sprint. Hours can be flexible within reason if necessary to meet personal needs (like child, medical, or elder care).
Compensation, benefits, and career
Compensation is competitive with other Boston-area startups, including health insurance, flexible vacation, 401(k), short-term disability, parental leave, and equity.
We invest in every employee’s growth, and support professional development that aligns with your goals and how you learn best.
How to apply
Fill out the form below. We'd love it if you add a thoughtful note about your goals and your background. We’ll get back to you promptly!
Please note that we are not looking to hire contractors or outsourced sales teams.