Product Security Engineer

At our organization, we believe that security is the bedrock of innovation. Our mission is to provide world‑class digital services that empower our users while maintaining the highest standards of digital trust and data integrity. We foster a culture of technical excellence, where engineers are encouraged to be proactive, inquisitive, and dedicated to the craft of building resilient systems. As we continue to expand our footprint in the tech ecosystem, we are looking for a specialist who shares our passion for open‑source technology and robust security architectures. 1.1 Position Specifications

Category

Details

Position Title

Product Security Engineer (RHEL Specialist)

Location

Remote

Experience Level

Senior (Minimum 5+ Years Professional Experience)

Language Requirements

Portuguese and English

Employment Type

Permanent / Full‑Time 1.2 Role Summary

The Product Security Engineer (RHEL Specialist) is a critical technical position focused on the intersection of infrastructure stability and proactive security posture. The core purpose of this role is to embed automated security controls, hardening standards, and DevSecOps best practices throughout the entire product lifecycle, with a specialized focus on the Red Hat Enterprise Linux (RHEL) ecosystem. You will be the primary architect of security automation, ensuring that our RHEL‑based infrastructure is resilient against modern threats while maintaining high availability and operational efficiency.

Role Mission:

To transform traditional security "gates" into automated security "guardrails" within our Linux environment. You will be tasked with identifying system inefficiencies, automating vulnerability remediation, and ensuring that security is a seamless component of our CI/CD pipelines and virtualization stacks.

The ideal candidate is not just a security enthusiast but a seasoned Linux practitioner who understands the nuances of system internals. You will move beyond manual checklists, leveraging Ansible for configuration management and Python/Bash for custom security tooling. Whether managing workloads on‑premise through VMware/KVM or across AWS, Azure, or GCP , your objective remains consistent: to provide a secure, standardized, and self‑healing platform that serves as the backbone for our product offerings. 1.3 Core Objectives and Expectations

Infrastructure Hardening: Design and enforce automated RHEL hardening standards across all environments using CIS benchmarks or similar frameworks.

Security Automation: Implement "Security as Code" principles to reduce manual toil and human error in security configurations.

Proactive System Optimization: Actively hunt for system inefficiencies and performance bottlenecks, providing automated resolutions before they impact product delivery.

Cloud and Container Security: Secure our transition to cloud‑native architectures by ensuring Docker and Kubernetes environments meet enterprise security requirements.

Continuous Integration: Integrate security scanning and compliance auditing directly into our Jenkins and GitLab CI pipelines.

As a senior member of the technical staff, you will be expected to work with a high degree of autonomy, collaborating with both DevOps and Software Development teams to foster a culture of shared responsibility for security outcomes. 2. Key Responsibilities

The Product Security Engineer (RHEL Specialist) is tasked with safeguarding the integrity, availability, and confidentiality of our product ecosystem. This role functions at the critical intersection of system engineering and cybersecurity, requiring a hands‑on approach to building resilient infrastructure. The incumbent is expected to move beyond reactive security measures, instead architecting automated, self‑healing systems that adhere to global security standards. 2.1 Security Automation & Hardening

The primary accountability in this area is the conversion of complex security requirements into executable, version‑controlled code. This ensures a consistent security posture across all