Microsoft Linux Security Release Management Engineer 

India, Karnataka, Bengaluru 

476974435

Required qualifications :

• B.S or higher in Computer Science or a related field, or equivalent industry experience
• 8+ years of professional software development experience on Linux with coding in languages including, but not limited to, C, Python, Rust, or Golang
• Extensive experience with Linux distribution management (e.g., Fedora, Red Hat, CentOS, Debian)
• Strong knowledge of security vulnerabilities (CVEs), security best practices, and experience in backporting patches for Linux systems
• Experience engaging with open-source communities (e.g., Fedora, Red Hat) to address security issues and contribute patches
• Proven track record of collaborating with upstream developers to fix vulnerabilities and improve security
• Proficiency in automation and scripting (e.g., Bash, Python) to streamline release management and security patching processes
  

Preferred qualifications :

• Experience integrating security patching and release management processes into CI/CD pipelines to automate updates and ensure secure releases
• Strong communication skills to work across teams and with open-source communities
• Ability to communicate complex security issues to both technical and non-technical stakeholders
• Contributing to open-source projects, like the Linux or CNCF projects, is a plus
  

• Ensure smooth deployment of Linux updates across the organization, including coordinating upgrades, security patches, and updates across systems with minimal disruption to production environments
• Develop, maintain, and enforce security standards and best practices for Linux distributions, ensuring they align with organizational policies
• Monitor, identify, and assess vulnerabilities impacting the organization’s Linux distributions
• Backport and apply security patches for vulnerabilities, ensuring compatibility with existing systems and infrastructur
• Integrate vulnerability scanning tools into the development and release workflows to catch security issues early in the development process
• Work closely with internal teams to prioritize and remediate critical vulnerabilities while minimizing impact on operations
• Actively engage with open-source communities (e.g., Fedora, Red Hat) to stay ahead of emerging vulnerabilities and contribute to security discussions
• Partner with upstream maintainers and developers to address vulnerabilities and bugs in open-source projects