About CleanStart:
CleanStart is revolutionizing software supply chain security through our advanced vulnerability database platform and CleanStart product line. We provide hardened, vulnerability-free container images with built-in security, compliance, and performance benefits. Our mission is to transform container security by eliminating pre-existing vulnerabilities and providing full visibility and control over the software supply chain.
Role Overview:
An Associate Systems Engineer, particularly in a "Build" context, focuses on the practical implementation and maintenance of system infrastructure, often involving tasks related to software development, build processes, and release management. They collaborate with developers, QA, and other teams to ensure systems are built, deployed, and maintained effectively. You will identify, analyze, and document vulnerabilities in open-source components, with a deep focus on C/Linux packages and libraries. Your expertise will be crucial in developing strategies to mitigate security risks and maintain our zero-vulnerability standard across all container packages.
Key Responsibilities:
- Build and Release Engineering: This includes setting up and managing build environments, automating build processes, and deploying applications to various environments. This might involve using tools like Maven, Gradle, Jenkins, etc.
- DevOps Practices: Familiarity with DevOps principles and tools is crucial for continuous integration and continuous delivery (CI/CD) pipelines. This includes using tools like Git, Docker, Kubernetes, etc.
- Automation: Automating tasks like testing, deployment, and infrastructure management can significantly improve efficiency and reliability.
- Troubleshooting: Troubleshooting and resolving issues related to system infrastructure, build processes, and deployments is a critical part of the role.
- Communication and Collaboration: Effective communication and collaboration with development teams, QA, and other stakeholders are essential.
- Scripting: Experience with scripting languages like Python, Perl, Shell, or PowerShell is often needed for automating tasks and customizing build processes.
- System Infrastructure: Understanding and managing various aspects of system infrastructure, including operating systems, networks, and cloud platforms, is also important.
- Knowledge of Software Development Life Cycle (SDLC): A general understanding of the SDLC is important for building and releasing software applications.
Key Skills:
- Coding Languages: Proficiency in languages like C, C++, Python, Java or Go, with scripting experience in Bash, Perl, JavaScript, etc.
- Operating Systems: Experience with Linux and Windows operating systems.
- Networking: Knowledge of network protocols and security concepts.
- Security Best Practices: Understanding of security best practices and industry standards.
- Automation: Familiarity with automation tools and scripting.
- Cloud Security: Experience with cloud-based key management services and data protection.
- Communication: Excellent written and verbal communication skills.
- Problem-solving: Ability to troubleshoot and resolve complex technical issues.
Required Qualifications:
- 0-2 years of experience in C/C++, Linux systems, Bash/Perl/Python scripting
- Deep understanding of C/Linux package vulnerabilities and security issues
- Experience with tools for scanning and identifying vulnerabilities in packages
- Strong knowledge of Linux package management systems (APK, RPM, DEB)
- Proficiency with Linux environments, particularly Alpine, Ubuntu, and similar distributions
- Experience with C code analysis and vulnerability identification
- Strong analytical and problem-solving skills
- Experience generating and analyzing SBOMs (Software Bill of Materials)
Preferred Qualifications:
- Experience with automated vulnerability detection in C/Linux packages
- Knowledge of exploit development and vulnerability validation
- Familiarity with binary analysis tools and techniques
- Experience with FIPS compliance requirements
- Background in Linux systems programming or package development
- Contributions to security research or vulnerability databases
- Understanding of container image security and hardening techniques
- Experience with security attestation and verification systems





