Expoint – all jobs in one place
Finding the best job has never been easier
Limitless High-tech career opportunities - Expoint

Cisco Tetragon Linux Security Engineer 
Switzerland, Bern, Bern 
479185246

28.07.2025

The flagship technology, Cilium, is the choice of numerous, industry-leading, global organizations.


About this role:

Cilium Tetragon is a flexible, Kubernetes-aware security tool, with real-time observability and enforcement. Leveraging the power of eBPF, Tetragon offers a low-overhead, in kernel solution that enhances security posture by monitoring system behaviors such as process executions, system call activities, and both network and file access events.

Tetragon security engineers primarily focus on creating and maintaining Tetragon runtime security policies.

Policies can act either as a mitigation to known vulnerabilities or as monitoring and protection against unknown security issues.


What you’ll do:
  • Develop and maintain Tetragon runtime security policies to monitor and protect against attacks
  • Monitor vulnerability disclosures (CVEs) and develop Tetragon runtime security policies as mitigation against them.
  • Interact with software engineers to improve and enhance the capabilities of Tetragon security policies
  • Interact with solution architects and customers as necessary to support and deploy Tetragon security policies in production

Minimum Qualifications:

  • 3+ years of experience working on Linux system security (e.g., capabilities, LSMs, etc.)
  • 3+ years of experience with security vulnerabilities and their exploitation
  • Experience with Linux kernel internals and system software design and implementation
  • Good communication skills, both written and verbal
Preferred Qualifications:
  • Experience with eBPF (extended Berkeley Packet Filter) and its applications in security.
  • Experience with the cloud-native ecosystem (containers, Kubernetes, etc.) and their Linux implementation (e.g., Linux cgroups, namespaces)
  • Proven experience with developing and maintaining runtime security policies