Was dich erwartet
- Help improve our workflows and tooling for supply chain vulnerability management, including generating, signing, and publishing SBOMs, performing CVE scans, and efficiently analyzing scan results
- Play a key role in monitoring container images for known security vulnerabilities while automating continuous security checks
- Contribute to the implementation of tools and processes for assessing vulnerabilities and generating/publishing Vulnerability Exploitability (VEX) information
- Enhance license management and compliance monitoring by generating SBOMs and validating the results of automatic license detection
Was du mitbringst
- Strong experience in supply chain security monitoring, particularly SBOMs, CVE/CVSS, and VEX
- Hands-on experience with open-source security scanners (e.g., Trivy), including scanner operation and interpreting security findings
- Experience in VEX generation, maintenance, and publishing
- Familiarity with OCI registries and Linux container artifacts (e.g., Harbor registry, Docker images, Helm charts)
- Experience in automating security workflows using GitLab CI pipelines
Was wir dir bieten
- A company that is 100% committed to open source
- A professional work environment with flat hierarchies and a culture of mutual respect
- A supportive and open-minded team that values collaboration, integrity, and transparency
Interested? Apply online via our application form or send an email to jobs@univention.de. Let us know your availability and daily rate.
Stellenangebot teilen:
Jetzt bewerben!
Unsere Kultur
Wir bei Univention pflegen eine Unternehmenskultur, die es jedem Mitarbeitenden ermöglicht, die eigenen Potenziale zu entfalten, Projekte voranzutreiben, sich weiterzuentwickeln und Verantwortung zu übernehmen. Wir begegnen uns auf Augenhöhe, haben Respekt vor Leistung und guten Ideen und nicht vor Hierarchien.
Grundlage bilden unsere 5 zentralen Grundwerte: Offenheit, Integrität, Respekt, Verantwortung und Weiterentwicklung. Diese haben wir im gemeinsamen Austausch entwickelt, stellen sie regelmäßig auf den Prüfstand des praktischen Miteinanders und entwickeln sie stetig weiter.
