Senior Security & Compliance Engineer - eLxr

YOUR ROLE

This role is critical to ensuring compliance, security hardening, and audit readiness across all components of our ecosystem, including OS images, installers, CI/CD pipelines, and entitlement systems.

HOW YOU WILL CONTRIBUTE

•

Drive adherence to FIPS, STIG, CIS benchmarks, and Secure Development Lifecycle (SDL) practices.

•

Manage encryption tools (e.g., OpenSSL and related libraries) and ensure cryptographic compliance.

•

Security & Compliance: Implement and maintain segmentation, secrets management, certificate lifecycle processes, and least privilege access controls.

•

Ensure audit readiness and compliance with industry standards.

•

Image & Installer Management: Oversee generation of OS images (.iso, qcow2, container images) and maintain secure OS installer workflows.

•

CI/CD & Backend Systems: Secure CI pipelines and entitlement backend systems, ensuring integrity and compliance throughout build and deployment processes.

•

Vulnerability Management: Monitor CVEs, manage vulnerability remediation, and

coordinate timely patching and fixes

•

Secure Boot & Encryption: Implement and maintain secure boot processes.

•

Security Testing: Develop and execute security testing strategies, including regression and final build validation.

•

Web Properties & Portals: Ensure security and compliance across all sites (.org, .pro, .dev) and entitlement portals.

Required Qualifications

•

Bachelor's degree in computer science, Cybersecurity, or related field (or equivalent experience).

•

8+ years of experience in Linux security engineering, preferably with Debian or derivatives.

•

Strong knowledge of compliance frameworks (FIPS, STIG, CIS) and SDL practices.

•

Hands-on experience with secure boot, encryption tools, and vulnerability management.

•

Proficiency in CI/CD security, image generation, and OS installer processes.

•

Familiarity with CVE tracking, patching baselines, and audit readiness.

•

Excellent problem-solving and communication skills.

•

Must reside in Greater Austin, TX area with ability to be present on site

•

United States Citizenship required or permanent residency is required.

Preferred Skills

•

Experience with container security (Docker, Podman).

•

Knowledge of entitlement systems and license management.

•

Familiarity with large-scale Linux deployments and automation tools (Ansible, Puppet, etc.).

•

Contributions to open-source projects.

Special Clearance Requirements

This position will perform work that the U.S. government has specified can only be performed by a U.S. citizen on U.S. soil, and therefore any offer will be contingent upon verification of both of these requirements.

Privacy Notice - Active Candidates: https://www.aptiv.com/privacy-notice-active-candidates

Aptiv is an equal employment opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, national origin, sex, gender identity, sexual orientation, disability status, protected veteran status or any other characteristic protected by law.