Security Engineer
Requirements
• 5+ years preferred, or 3+ years with strong, demonstrated ownership in vulnerability management and CI/CD / supply-chain security.
• Demonstrated experience triaging and coordinating vulnerability reports (e.g., CVEs, responsible disclosure workflows) and driving remediation across multiple stakeholders.
• Strong understanding of software supply chain security (dependencies, build systems, artifacts, signing, provenance, CI/CD hardening).
• Experience securing CI/CD pipelines (e.g., GitHub Actions), including secrets management, permissions, token scopes, and isolation.
• Practical knowledge of secure software development practices and ability to perform risk assessments and security reviews.
• Ability to work independently, with strong problem-solving skills and attention to detail.
• Extensive proficiency with Git and GitHub workflows (pull requests, reviews, merging, etc.).
• Professional fluency in English, excellent written and verbal communication skills in English.
• European residency, you must be currently based in Europe and eligible to work within it.

It would be great if you also have
• Experience with Python ecosystems and packaging (pip, PyPI), dependency management, and common security tooling.
• Familiarity with SBOMs, SLSA, signing and attestations (e.g., Sigstore/cosign), and reproducible builds.
• Experience with incident response and post-incident reviews.
• Prior contributions to Home Assistant or other open-source projects.
• Experience working with IoT / smart home software and threat models.
• Experience improving security testing and integrating checks into developer workflows.
• Affinity for the open-source philosophy and community-driven development.
• A passionate Home Assistant user, or a strong interest in smart home technology and automation.
Benefits
• The Open Home Foundation is a fully remote organization that uses an Employer of Record to employ people from all over the world. You will be a normal salaried employee in your country.
• This is a full-time position for 40 hours per week. Because we are a fully remote company, there is no fixed schedule. For the purpose of team communication, we do try to ensure at least 3 hours of overlap in the workday. You will report to the Home Assistant Lead, who is based in the Netherlands.
• Core to the establishment of the Open Home Foundation was the well-being of the people building the future of the smart home. We will provide all the benefits required by the country you reside in. However, we also want to make sure all our employees, regardless of country of origin, get at least a minimal set of benefits, including:
• Five weeks (twenty-five days) of paid time off.
• Fourteen days of paid sick leave if your country/laws treat them as unpaid.
• Six weeks of paid and six weeks of unpaid parental leave to be used in the first year after birth. We will provide the missing days if your country/laws do not provide such compensation.
• A budget for your work hardware once you start.
• A 50% contribution to your internet connection fee at your home workspace.
• If you are currently working on Home Assistant-related side projects, you can spend work time maintaining them.
• When first offering a position to a new member, the Open Home Foundation aims to provide a total compensation package that matches the 75th percentile for the new hire's role, seniority, and local market rates. For a Security Engineer in our primary operating countries, the approximate yearly compensation will be the following:
• Netherlands: 78.000 EUR
• Spain / Portugal: 58.000 EUR
• Italy: 64.000 EUR
• Other countries: compensation can be discussed during the first interview.
• These figures may be adjusted based on experience, qualifications, and work hours.

• The Open Home Foundation is a non-profit organization based in Switzerland, with the objective of fighting for the fundamental principles of privacy, choice, and sustainability for smart homes. It does this by supporting the development of open-source projects, and open connectivity and communication standards.
• A big part of this is Home Assistant, the biggest open-source project in number of contributors, but the Open Home Foundation also owns or collaborates with other projects important to promoting privacy, choice, and sustainability in the smart home, like:
• Open hardware tools (e.g., ESPHome, ESP Web Tools)
• Open standards (e.g., Python Matter Server, Z-Wave JS, ZigPy, BTHome, Improv Wi-Fi)
• Open voice (e.g., Rhasspy, Wyoming Protocol, Piper)

The recruitment process
• Our HR team will review your application with the hiring manager
• Interview with HR
• Technical assessment
• Interview with the team