TuxCare is a subsidiary of CloudLinux. It offers a portfolio of security solutions for Linux and open-source software aimed at enterprise organizations. With TuxCare, enterprises can automate live vulnerability patching, minimize downtime, keep their applications secure and compliant, and get support from a team that knows Linux security best – covering the most popular Linux distributions, end-of-life systems, programming languages, and much more.We are looking for an experienced Engineering Manager to take ownership of TuxCare's Language Security Research function — a group of four teams responsible for delivering security patches for end-of-life and non-EOL open-source language runtimes and frameworks.TuxCare's Endless Lifecycle Support (ELS) helps organizations continue using end-of-life software securely. We provide security patches for unsupported versions of Linux distributions and language ecosystems — including Java, JavaScript/Node.js, Python, PHP, Go, Spring, Angular, Django, Flask, and more.This is a manager-focused role within a technical delivery environment, where broad language ecosystem expertise and strong engineering leadership are both essential. You will manage four teams (~18 engineers) across Java, JavaScript/Go, Python, and PHP disciplines, setting the technical direction and operational standards for the entire function.Useful links:CVE coverage: https://cve.tuxcare.com/els/cveELS for Languages documentation: https://docs.tuxcare.com/els-for-languages/What You Will OwnPeople & TeamsLead and develop four teams (Java, JavaScript/Go, Python, PHP) totalling ~18 engineersBuild a culture of technical excellence, accountability, and continuous improvementDefine hiring plans, conduct performance reviews, and drive career development for your reportsManage onboarding and ramp-up of new team members, projects, and libraries into the team's scopeTechnical DirectionSet and enforce standards for CVE analysis, vulnerability assessment, patch backporting, and security release processes across all language ecosystemsDrive consistency in tooling and workflows across teams (CI/CD pipelines, patch delivery, release processes)Evaluate and guide AI-assisted automation for backporting and vulnerability discoveryServe as the final technical escalation point for complex or cross-team security issuesDelivery & OperationsOwn SLA compliance across all language platformsAlign team efforts with client expectations and delivery commitmentsOrganise and continuously improve development workflows and engineering processesCoordinate internal documentation and ensure it reflects the actual state of each projectEnsure smooth coordination between language teams and OS, Docker, and platform teamsManage scope boundaries and overlap with OS and platform teams, particularly around shared dependencies and cross-ecosystem vulnerabilitiesRequirementsMust have:Strong background in software development across multiple language ecosystems — at least 6 years of hands-on experience3+ years of engineering leadership experience (Team Lead or Engineering Manager) in a product companyProven experience with technical delivery and accountability for team outcomesSolid working knowledge of at least 3 of the 5 languages your teams cover: Java, JavaScript, Go, Python, PHPHands-on experience with security research or vulnerability analysis: CVE triage, patch backporting, or similarAbility to work effectively in distributed teams and within larger organisational structuresStrong communication skills — capable of interfacing with stakeholders and meeting external delivery expectationsExperience building or improving engineering processes from scratchExperience with CI/CD systems (GitLab CI, Jenkins) and dependency management tooling (Maven/Gradle, npm, pip, Go modules)Upper-intermediate or higher English (written and spoken)Nice to have:Hands-on experience identifying and analysing vulnerabilities in language-ecosystem applicationsUnderstanding of the security vulnerability lifecycle (CVE, CVSS, CWE, CSAF/VEX)Background in open-source security, supply chain security, or ELS-type productsExperience integrating AI tooling into research or patching workflowsKnowledge of Docker, Kubernetes, or cloud-native ecosystemsBenefitsWhat's in it for you?A strong focus on professional development with opportunities for learning and growth:Interesting and challenging projects,Mentor and other knowledge-exchange programs;Fully remote work with flexible working hours, that allows you to schedule your day and work from any location worldwide;Paid 24 days of vacation per year, 10 days of national holidays, and unlimited sick leaves to ensure you maintain a healthy work-life balance;Compensation for private medical insurance;Co-working and gym/sports reimbursement;The opportunity to receive a reward for the most innovative idea that the company can patent, fostering a culture of creativity and innovation.
