Senior Security Engineer


What we're building


At Tidelift, our mission is making open source software work better—for everyone.

We see a world where software development teams get better maintained, more dependable software, and open source creators can get paid for the incredible value they create.

Tidelift is the largest provider of commercial support and maintenance for the community-led open source software behind modern applications. We partner directly with independent project maintainers to make it safer and easier to build with open source, so engineering teams can create even more incredible software, even faster. 

We're well-funded and growing fast. You will play a large role in tackling challenging problems and helping build the company, while learning alongside our experienced team.

Find out more about us on tidelift.com or read about us in Wired or Business Insider.



How you can help

We’re looking for a senior engineer to lead our efforts of coordinating security disclosure with our community of open source maintainers. We want to work with maintainers to ensure that security vulnerabilities are resolved in a timely and responsible fashion and you will be the point person interacting with both the maintainers and anyone reporting potential security vulnerabilities. In addition to the coordination efforts, you will be responsible for shaping how we ingest, categorize, and validate vulnerabilities that we learn about indirectly through other data sources.

 
This team

We want a team where everyone cares about  cares about users, design, building a business, and one another. This team assessment spoke to our developers, and we want the whole company to score highly on similar measures of engagement and work quality as our culture grows.

We’re also aiming for work-life harmony: we believe in doing good work, with urgency and pragmatism, but at a sustainable pace. We value big impact over long hours.



Our values

We’re trying to build a healthy, values-driven culture. We want to be:

  • Optimistic: We see an amazing future ahead, and want to inspire others to share in it. This is both internal—building each other up and looking for the best in people—and external—we know open source is awesome, and we want to make it even better.
  • Practical: We know words and ideas alone won’t change lives. We help people most by creating a pragmatic, viable, and sustainable business that works for everyone. So we care about usability, design, and honest assessment of costs and benefits.
  • Additive: We want an environment that encourages and inspires growth, both for individuals and for the open source community as a whole. That means embracing a growth mindset, and valuing culture add over culture fit.
  • Inclusive: We believe technology will be stronger when it better reflects the voices and ideas of society as a whole. So we want people from different backgrounds and experiences to not just be represented, but to be heard, valued, and flourish. We do not tolerate discrimination or harassment.



Logistics


In this role, you would have the option to work remotely from the US or from our offices in Boston, MA or Raleigh, NC.

We believe in the urgency of our mission and the importance of doing good work, but also know this is a marathon and not a sprint. Hours can be flexible within reason if necessary to meet personal needs (like child, medical, or elder care).


Compensation, benefits, and career

Compensation is competitive with other Boston-area startups, including health insurance, flexible vacation, 401(k), short-term disability, parental leave, and equity.

We invest in every employee’s growth, and support professional development that aligns with your goals and how you learn best.

How to apply

Fill out the form below. We'd love it if you add a thoughtful note about your goals and your background. We’ll get back to you promptly!

Please note that we are not looking to hire contractors or outsourced sales teams.

Want to apply later?

Type your email address below to receive a reminder

Apply to Job

ErrorRequired field
ErrorRequired field
ErrorRequired field
Error
Error
insert_drive_file
insert_drive_file