The Eclipse Foundation is one of the world’s largest open source software foundations, with a proven track record of enabling developer-focused open source innovation earned over 16 years. The Foundation has more than 415 collaborative projects including Eclipse Adoptium, Jakarta EE, and the Eclipse IDE and more than 20 Working Groups.
The Eclipse Foundation Security Team top priority is to help Eclipse Projects developing and releasing secured software. It strives to advance, promote, and disseminate the security policies, procedures, and guidelines based on industry best practices.
The Software Engineer will work with the Eclipse Foundation Security Team, helping Eclipse Projects to secure their software supply chain. The Engineer will work in close collaboration with projects, helping them harden their CI/CD pipelines, configure tools to detect vulnerabilities, and keep dependencies up-to-date. This will be done by providing guidance, patches, and possibly by developing some new tooling. The Software Engineer reports to and works with the Head of Security at the Eclipse Foundation.
This is a remote-only position. The successful candidate can be located in Canada, Europe, or the US. The Eclipse Foundation is global in scope, it is headquartered in Belgium.
- Collaborate with projects to improve their Supply chain Levels for Software Artifacts (SLSA) level.
- Convince projects to publish and consume a software bill of materials (SBOM).
- Provide tooling and processes to projects to sign their releases.
- Track global progress of projects in a public dashboard
- Communicate publicly (blog posts, twitter, etc.) about improvements and new developments.
- Build close working relationships with companies and individuals within the Open Source Software Security community.
- Prepare technical content to help Eclipse Projects harden their CI/CD pipeline. The content will include videos, articles, tutorials, webinars, plus other content deemed appropriate.
- Minimum of 5 years industry experience working in Software Engineering with a security mindset.
- Strong knowledge of CI/CD best practices with either Github Actions, Gitlab CI/CD, or Jenkins.
- Strong written and verbal communication skills and experience writing high quality materials
- Experience with open source software community development and collaboration models
- Demonstrated ability to complete complex projects in a timely manner with minimal supervision
- Fluent in English with proven proficiency of working in an English business environment
- Experience with participating in open source projects (either as a committer or a contributor) is a plus
- Knowledge of Java
- Knowledge of Supply chain Levels for Software Artifacts (SLSA), NIST Secure Software Development Framework (SSDF), or other secure software development practices
- Experience in working in a remote-first / remote-only environment and with a distributed team.
- Bachelor’s or Master’s degree in Computer Science, Software Engineering, Computer Engineering or equivalent.
We offer highly competitive compensation along with a comprehensive benefits package. We thank all applicants for their interest; however, only those to be interviewed will be contacted. For more information about Eclipse Foundation, please visit our website at /
Eclipse respects the dignity and independence of people with disabilities, and is committed to providing accommodation and support to persons with disabilities throughout any recruitment process, once made aware of a need for accommodation. If you require any special accommodation or support during the recruitment process, please indicate in your email to us.
In addition to your resume, please include a cover letter in your application to this link.