Linux Software and Security Engineer - eLxr

About the role

eLxr is a Debian-based Linux distribution engineered for performance, reliability, and enterprise class- security. We are expanding our core engineering team and seeking a Linux Software & Security Engineer with strong programming, packaging, and security expertise to help evolve and secure the platform. As a Linux Software and Security Engineer on the eLxr team, you will design, develop, and maintain security related components across the distribution while also contributing to packaging, patching, and security vulnerability (CVE) remediation. This role combines hands-on development with distribution engineering responsibilities, including upstream patch contributions to Debian, package updates, and secure build workflow support. Responsibilities & Accountabilities Develop and maintain software components used within the eLxr distribution (C/C++, Python, or similar languages). Create, update, and optimize Debian packages. Contribute fixes and patches upstream to Debian when appropriate, following community guidelines. Maintain and enhance build scripts, packaging pipelines, and system tooling to support secure and reproducible builds. Monitor upstream projects, Debian security alerts, mailing lists, and community patches to keep packages updated and secure. Collaborate on architecture and design decisions affecting distribution direction, package quality, and security posture. Document processes, package changes, upstream contributions, and security fixes for internal and external stakeholders. Work closely with kernel, platform, infrastructure, and security engineering teams. Security Engineering & Hardening Investigate, triage, reproduce, and remediate CVEs across the distribution; create, backport, test, and sign patches. Implement distribution-wide- hardening aligned with STIG, CIS Benchmarks, and secure coding guidelines. Participate in FIPS-related- development and validation activities. Work with OpenSSL, GnuTLS, and other crypto toolkits to maintain secure configurations and enforce strong defaults. Develop and maintain secure boot, and trusted boot workflows (e.g., UEFI Secure Boot, TPM integration).