About CleanStart:

CleanStart is revolutionizing software supply chain security through our advanced
vulnerability database platform and CleanStart product line. We provide hardened,
vulnerability-free containerimages with built-in security, compliance, and performance
benefits. Our mission is to transform container security by eliminating pre-existing
vulnerabilities and providing full visibility and control overthe software supply chain.

Role Overview:

An Associate Systems Engineer focused on cryptography would be involved in
designing, implementing, and maintaining systems related to cryptographic
technologies and their applications. They would work with algorithms, protocols, key
management, and security measures to protect data and systems. You will identify,
analyze, and document vulnerabilities in open-source components, with a deep focus on
C/Linux packages and libraries. Your expertise will be crucial in developing strategies to
mitigate security risks and maintain our zero-vulnerability standard across all container
packages.

Key Responsibilities:

• Design and Implementation: Contribute to the design and implementation of
  cryptographic solutions, including algorithms, protocols, and key management
  systems.
• Testing and Evaluation: Thoroughly test and evaluate cryptographic systems for
  security vulnerabilities and performance.
• Security Analysis: Conduct security analysis to identify potential weaknesses and
  recommend improvements. Develop methodologies for analyzing C/Linux package
  vulnerabilities. Design validation processes for package security verification.
  Create and maintain vulnerability databases and tracking systems. Collaborate with
  Package Build and QA teams to implement security measures. Stay current with
  emerging threats and vulnerability trends in Linux ecosystem
• Documentation: Maintain comprehensive documentation of cryptographic systems
  and their configurations.
• Collaboration: Collaborate with other engineers and developers to integrate
  cryptographic solutions into larger systems.
• Key Management: Work with key management systems, such as HSMs and key
  vault services, to manage cryptographic keys securely.
• Security Protocols: Be familiar with various security protocols and standards, such
  as TLS/SSL, SSH, and Kerberos.
• Automation: Use scripting and automation tools to streamline cryptographic
  tasks.
• Monitoring: Monitor cryptographic systems for anomalies and security breaches.
• Problem Solving: Address security incidents and resolve system issues in a timely
  manner.

Key Skills:

• Cryptography Fundamentals: Strong understanding of cryptographic principles,
  algorithms, and protocols.
• Coding Languages: Proficiency in languages like Python, Java, C++, or Go.
• Operating Systems: Experience with Linux and Windows operating systems.
• Networking: Knowledge of network protocols and security concepts.
• Security Best Practices: Understanding of security best practices and industry
  standards.
• Automation: Familiarity with automation tools and scripting.
• Cloud Security: Experience with cloud-based key management services and data
  protection.
• Communication: Excellent written and verbal communication skills.
• Problem-solving: Ability to troubleshoot and resolve complex technical issues.

Required Qualifications:

• 0-2 years of experience in security research, Linux systems, orrelated fields
• Deep understanding of C/Linux package vulnerabilities and security issues
• Experience with tools for scanning and identifying vulnerabilities in packages
• Strong knowledge of Linux package management systems (APK, RPM, DEB)
• Proficiency with Linux environments, particularly Alpine, Ubuntu, and similar
  distributions
• Experience with C code analysis and vulnerability identification
• Strong analytical and problem-solving skills
• Experience generating and analyzing SBOMs (Software Bill of Materials)

Preferred Qualifications:

• Experience with automated vulnerability detection in C/Linux packages
• Knowledge of exploit development and vulnerability validation
• Familiarity with binary analysis tools and techniques
• Experience with FIPS compliance requirements
• Background in Linux systems programming or package development
• Contributions to security research or vulnerability databases
• Understanding of container image security and hardening techniques
• Experience with security attestation and verification systems

‍