Hello, we are Runecast
Our Runecast Analyzer is used for mission-critical IT operations from deep sea to space. It catches configuration or security compliance errors in virtualised data centers before they lead to service disruptions or breaches. We are also performing Data Science research on ML and NLP for context-based free text processing to make this process even smarter.
We’re a team of entrepreneur-minded professionals from more than 15 countries – but united, with most of us in our largest operations center in Brno, Czech Republic. Our skills have convinced companies like Verizon, Scania, Fujisoft, the German Aerospace Center (DLR), Erste Bank, Avast, University of St Andrews and many other enterprises (and SMBs) to trust our solution to protect their data centers.
We are looking for an outstanding Linux Security Engineer/Researcher to join our team:
We are a company with a flat hierarchy, so everyone has direct access to the CTO, CEO, and other company founders. We work in self organised, agile teams where everyone can share ideas and influence how things get done. Our team consists of Java developers, QA specialists, virtualizations experts, AI scientists, UI engineers, and UX designers.
About the job:
As a Security Engineer you will be part of a multi-disciplinary engineering team that is responsible for the research, development, and maintenance of security compliance and vulnerability rules and signatures for Runecast Analyzer.
In this team you will be mainly responsible for Unix/Linux systems, but you will have exposure and opportunities to work on numerous other technologies: AWS, Azure, Kubernetes, VMware.
What you’ll do:
- Research and Develop signatures to identify non-compliant OS security settings in the area of Unix/Linux(mainly enterprise flavours), covering the requirements of regulatory compliance profiles such as CIS, PCI-DSS, NIST and newly reported vulnerabilities.
- Provide subject matter expertise to internal core engineering and development teams to leverage SDKs and APIs in order to interact with the Linux end-points.
- Maintain the development and test infrastructure and quickly set up new disposable environments for testing and development.
- Participate in technical support cases for timely resolution of issues and for problem reproduction and escalation.
- For the most critical vulnerabilities and exploits, help prepare knowledge base articles or blog posts detailing the findings and impact.
What You’ll Need:
- Research mindset, with a hold on where to look for relevant information about threats, vulnerabilities and security compliance requirements.
- Ability to communicate, collaborate, and work effectively in a distributed team.
- Experience with the operations of large production environments.
- UNIX system administration experience including system configuration and in-depth under the hood working of: Secure Boot Settings, TCP Wrappers, IPtables, Logging and Auditing, syslog, auditd, logrotate, cron, PAM, File permissions, user and group settings
- Proficient in bash and python.
- Working experience on Linux, VMware, Kubernetes, Public Cloud (AWS, Azure, GCP)
- Worked in a relevant position of IT security risk/vulnerability management;
- Familiarity with common compliance standards, such as CIS Benchmarks, PCI-DSS and HIPAA.
What we offer:
Enough of requirements! At Runecast, you can enjoy:
- Join us in our Brno office or work from home. We do have an office in Brno, although many of us are working from home at the moment. We also have people working remotely from all over the world.
- Friendly people and great co-founders. People are often mentioned as one of the reasons why we love working at Runecast. Everyone is very friendly, and there is nothing easier than getting in touch with one of the co-founders, as they work among us.
- International team. We are a truly international team. We have our main office in Brno, where you will meet with people from nine different countries. Many people are also distributed over several European countries – from Bulgaria to the UK. Furthermore, we have people working with us from the USA and APAC region, where we are also growing.
- Being part of a growing company, where things feel like a startup. We are not big on a ten-step process just to get approval for one tiny change. We are all working together and we value input from everyone.
- Flexible working hours. We don’t care about clocking in and out at specific times. Some of us prefer to work early in the morning, others start later in the day.
- Paid therapy sessions. Mental health is paramount. Speak to a therapist whenever you need to, Runecast will contribute to the sessions.
- Further education and certifications. We'll pay for certifications and courses that will help you to get better.
We encourage you to apply:
Runecast is an equal opportunity employer and we value diversity at our company. We do not discriminate on the basis of your race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, disability or any other characteristic.