Responsibilities:
- Triage incoming CVEs using NVD, CVSS/EPSS scores, and CISA KEV data; prioritize backport work by risk severity
- Write and apply C/C++ patches for EOL packages (CentOS 6/7/8) where upstream fixes are unavailable or inapplicable
- Build, test, and sign RPM packages using mock, rpmbuild, and GPG; maintain spec files and package metadata
- Debug regressions and build failures with gdb, strace, and valgrind; resolve symbol, linkage, and ABI issues
- Collaborate with reviewers to meet quality gates; respond to technical review feedback on patch correctness and security impact
- Document remediation decisions, patch rationale, and build reproduction steps in Jira and Confluence
- Contribute to automation improvements (CI pipelines, scripted build environments) to increase team CVE velocity
Requirements:
- 12+ years of professional C and C++ development and system-administrator-level experience on Linux systems
- RPM packaging expertise (hands-on experience with RPM packaging):
  - Writing and maintaining .spec files, understanding of rpm build phases and macros
  - Building in isolated environments using mock; managing dist tags and dependencies
- Deep Linux internals (strong Linux internals knowledge):
  - Kernel subsystems (memory management, process scheduling, file systems, networking stack)
  - System calls, device drivers, and kernel module development fundamentals
- Package management proficiency with yum/dnf and familiarity with rpm database operations
- Practical debugging skills: gdb, strace, ltrace, valgrind, core dump analysis
- Scripting in Bash and Python for build automation and tooling
- Familiarity with SELinux policy analysis and enforcement modes
- Experience with git and git-lfs for patch management and source control
Nice to Have:
- Prior experience backporting security patches for EOL distributions (CentOS, RHEL, Oracle Linux, Rocky, AlmaLinux)
- Knowledge of OpenSSL, libxml2, openldap, or Ruby C extensions at the source level
- Familiarity with CVSS v3/v4 scoring, EPSS, and KEV prioritization workflows
- Experience with virtualization tooling: libvirt, QEMU/KVM, Vagrant, VirtualBox
- CI/CD pipeline experience (Jenkins, GitHub Actions) for automated package builds
- Understanding of networking layers (L2/L3), socket programming, and network-facing service hardening
- Exposure to CIS Benchmarks or DISA STIGs for hardened image configuration
All employees are expected to demonstrate AI fluency appropriate to their role and level, including responsible use of AI tools, sound judgment, and adherence to company AI governance and security policy standards.
Come work with us! Our team members are valued for their contributions, introduced to new opportunities, and rewarded well. Perforce combines the experience and rewards of a start-up with the security of an established and privately held profitable company.