Role overview

Engineering Manager, Language Security (TuxCare)

Requirements and responsibilities

Readable role content extracted into sections for faster review.

Useful links:

  • CVE coverage: https://cve.tuxcare.com/els/cve
  • ELS for Languages documentation: https://docs.tuxcare.com/els-for-languages/

People & Teams

  • Lead and develop four teams (Java, JavaScript/Go, Python, PHP) totalling ~18 engineers
  • Build a culture of technical excellence, accountability, and continuous improvement
  • Define hiring plans, conduct performance reviews, and drive career development for your reports
  • Manage onboarding and ramp-up of new team members, projects, and libraries into the team's scope

Technical Direction

  • Set and enforce standards for CVE analysis, vulnerability assessment, patch backporting, and security release processes across all language ecosystems
  • Drive consistency in tooling and workflows across teams (CI/CD pipelines, patch delivery, release processes)
  • Evaluate and guide AI-assisted automation for backporting and vulnerability discovery
  • Serve as the final technical escalation point for complex or cross-team security issues

Delivery & Operations

  • Own SLA compliance across all language platforms
  • Align team efforts with client expectations and delivery commitments
  • Organise and continuously improve development workflows and engineering processes
  • Coordinate internal documentation and ensure it reflects the actual state of each project
  • Ensure smooth coordination between language teams and OS, Docker, and platform teams
  • Manage scope boundaries and overlap with OS and platform teams, particularly around shared dependencies and cross-ecosystem vulnerabilities

RequirementsMust have:

  • Strong background in software development across multiple language ecosystems — at least 6 years of hands-on experience
  • 3+ years of engineering leadership experience (Team Lead or Engineering Manager) in a product company
  • Proven experience with technical delivery and accountability for team outcomes
  • Solid working knowledge of at least 3 of the 5 languages your teams cover: Java, JavaScript, Go, Python, PHP
  • Hands-on experience with security research or vulnerability analysis: CVE triage, patch backporting, or similar
  • Ability to work effectively in distributed teams and within larger organisational structures
  • Strong communication skills — capable of interfacing with stakeholders and meeting external delivery expectations
  • Experience building or improving engineering processes from scratch
  • Experience with CI/CD systems (GitLab CI, Jenkins) and dependency management tooling (Maven/Gradle, npm, pip, Go modules)
  • Upper-intermediate or higher English (written and spoken)

Nice to have:

  • Hands-on experience identifying and analysing vulnerabilities in language-ecosystem applications
  • Understanding of the security vulnerability lifecycle (CVE, CVSS, CWE, CSAF/VEX)
  • Background in open-source security, supply chain security, or ELS-type products
  • Experience integrating AI tooling into research or patching workflows
  • Knowledge of Docker, Kubernetes, or cloud-native ecosystems

What's in it for you?

  • A strong focus on professional development with opportunities for learning and growth:
  • Interesting and challenging projects,
  • Mentor and other knowledge-exchange programs;
  • Fully remote work with flexible working hours, that allows you to schedule your day and work from any location worldwide;
  • Paid 24 days of vacation per year, 10 days of national holidays, and unlimited sick leaves to ensure you maintain a healthy work-life balance;
  • Compensation for private medical insurance;
  • Co-working and gym/sports reimbursement;
  • The opportunity to receive a reward for the most innovative idea that the company can patent, fostering a culture of creativity and innovation.

Details

  • Interesting and challenging projects,
  • Mentor and other knowledge-exchange programs;
Similar roles

Keep a backup shortlist.

Browse stack
FocusEngineering ManagementRole area
Seniority signalLeadCandidate level
StackCI/CD, Docker, JavaPrimary skills
Location1 accepted countryEligibility

Stack

Use these tags to compare similar remote roles.

Location eligibility

Candidates should apply only when their profile country is listed here.

Your profileCountry not setSign in to check your country against this role.

Hiring flow

WithMira shows the role, then sends candidates to the company application.

1Check role fit, stack, and location eligibility in WithMira.
2Open the company application page from the tracked apply link.
3Save the role or subscribe for similar opportunities before leaving.
Apply on company siteCompany siteOpen link