{ "version": "https://jsonfeed.org/version/1.1", "title": "Job Search Results", "home_page_url": "https://apply.coop/search?country_code=\u0026employment_type=\u0026tags=securedrop\u0026terms=\u0026working_location=\u0026workplace_type=", "description": "Job search results", "author": { "name": "apply.coop" }, "authors": [ { "name": "apply.coop" } ], "items": [ { "id": "https://apply.coop/jobs/d0vgcbeblda221bjl9cg-engineering-manager--securedrop", "url": "https://apply.coop/jobs/d0vgcbeblda221bjl9cg-engineering-manager--securedrop", "title": "Engineering Manager, SecureDrop", "content_html": "\u003cp\u003eFreedom of the Press Foundation (FPF), a nonprofit organization dedicated to protecting, defending, and empowering public interest journalism, is hiring an engineering manager to oversee its SecureDrop development team. Reporting to the chief technology officer, this role will manage a remote and internationally distributed team of software engineers who work on SecureDrop, an open source whistleblower submission platform. SecureDrop makes it possible for newsrooms to manage their most sensitive submissions, from the next big story about abuse of government power to the exposure of corruption at the local level.\u003c/p\u003e\n\u003ch2\u003eAbout SecureDrop\u003c/h2\u003e\n\u003cp\u003eSecureDrop is an open source whistleblower submission system used by journalists to communicate with sources. Through its hardened architecture and the use of the Tor network, it offers whistleblowers strong security and anonymity protections. It is used by more than 70 news organizations worldwide, including The New York Times, The Washington Post, The Guardian, and Al Jazeera.\u003c/p\u003e\n\u003cp\u003eSecureDrop is composed of a variety of components:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSecureDrop Server: an anonymous whistleblowing system, deployed on hardened and Ansible-managed Ubuntu servers, hosting two web applications available as Onion services over the Tor Network.\u003c/li\u003e\n\u003cli\u003eSecureDrop Workstation: a platform built on top of Qubes OS to make SecureDrop faster and simpler for journalists to use. It consists of multiple GUI applications and services that span across a suite of SaltStack-provisioned, task-specific virtual machines.\u003c/li\u003e\n\u003cli\u003eSecureDrop Protocol: an end-to-end protocol designed specifically for whistleblowing systems, and intended for a future reimplementation of SecureDrop Server. This also encompasses our work on WEBCAT, to verify the integrity of code running in the browser.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eFor now, our main focus is on improving and expanding the functionality of SecureDrop Workstation, while maintaining SecureDrop Server. Future plans include a rewrite of the server application, using SecureDrop Protocol, to allow for easier deployments while preserving the security properties of the current system. As part of the team, a successful candidate will have a key role in these efforts.\u003c/p\u003e\n\u003ch2\u003eResponsibilities\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eManage and mentor a high-performing team, fostering a collaborative, mission-driven culture:\n\u003cul\u003e\n\u003cli\u003eHelp address impediments or blockers to your team’s progress, be they administrative, technical, or organizational\u003c/li\u003e\n\u003cli\u003eFacilitate the development of individual and team goals, and, in collaboration with the team’s tech lead, make regular updates to the SecureDrop development road map\u003c/li\u003e\n\u003cli\u003eRepresent team members within the organization, while creating opportunities for your team to do so as well\u003c/li\u003e\n\u003cli\u003eDevelop best practices in asynchronous collaboration, including clear documentation of discussions and decisions\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eProvide performance reviews, and plan and implement compensation changes in coordination with leadership and HR\u003c/li\u003e\n\u003cli\u003eIdentify key capacity gaps within the team and act as hiring manager for agreed-upon hires on your team\u003c/li\u003e\n\u003cli\u003eEnsure effective planning and facilitation of team meetings in the context of a distributed team spanning multiple time zones\u003c/li\u003e\n\u003cli\u003eManage the development process and ensure effective, agile project management of the SecureDrop team’s commitments\u003c/li\u003e\n\u003cli\u003eManage and oversee the SecureDrop team’s budget, and collaborate with the fundraising team on grant proposals and other fundraising initiatives\u003c/li\u003e\n\u003cli\u003eManage relationships with external vendors for purposes such as security audits or project-level engagements\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eQualifications\u003c/h2\u003e\n\u003ch3\u003eRequired\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eProven engineering leadership and people management experience: three-plus years of experience as a software or infrastructure engineer, and four-plus years as a manager for a team that ships production code\u003c/li\u003e\n\u003cli\u003eAgile project stewardship: demonstrated ability to run sprint planning, retrospectives, backlog grooming, or comparable team processes for a distributed team\u003c/li\u003e\n\u003cli\u003eHiring and capacity building: experience crafting role definitions, running inclusive interview and review processes, and onboarding new engineers\u003c/li\u003e\n\u003cli\u003eCommitment to public-interest journalism: You’re motivated to advance press freedom and whistleblower protection through open source technology\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreferred\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eExperience contributing to or managing open source projects with external contributors and stakeholders\u003c/li\u003e\n\u003cli\u003ePractical experience with secure software development life cycles, threat modeling, incident response, and coordinating independent security audits.\u003c/li\u003e\n\u003cli\u003eExperience leading asynchronous teams across time zones\u003c/li\u003e\n\u003cli\u003eWorking knowledge of Python, Rust, Git, and other technologies used as part of SecureDrop development\u003c/li\u003e\n\u003c/ul\u003e", "summary": "\u003cp\u003eFreedom of the Press Foundation (FPF), a nonprofit organization dedicated to protecting, defending, and empowering public interest journalism, is hiring an engineering manager to oversee its SecureDrop development team. Reporting to the chief technology officer, this role will manage a remote and internationally distributed team of software engineers who work on SecureDrop, an open source whistleblower submission platform. SecureDrop makes it possible for newsrooms to manage their most sensitive submissions, from the next big story about abuse of government power to the exposure of corruption at the local level.\u003c/p\u003e\n\u003ch2\u003eAbout SecureDrop\u003c/h2\u003e\n\u003cp\u003eSecureDrop is an open source whistleblower submission system used by journalists to communicate with sources. Through its hardened architecture and the use of the Tor network, it offers whistleblowers strong security and anonymity protections. It is used by more than 70 news organizations worldwide, including The New York Times, The Washington Post, The Guardian, and Al Jazeera.\u003c/p\u003e\n\u003cp\u003eSecureDrop is composed of a variety of components:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSecureDrop Server: an anonymous whistleblowing system, deployed on hardened and Ansible-managed Ubuntu servers, hosting two web applications available as Onion services over the Tor Network.\u003c/li\u003e\n\u003cli\u003eSecureDrop Workstation: a platform built on top of Qubes OS to make SecureDrop faster and simpler for journalists to use. It consists of multiple GUI applications and services that span across a suite of SaltStack-provisioned, task-specific virtual machines.\u003c/li\u003e\n\u003cli\u003eSecureDrop Protocol: an end-to-end protocol designed specifically for whistleblowing systems, and intended for a future reimplementation of SecureDrop Server. This also encompasses our work on WEBCAT, to verify the integrity of code running in the browser.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eFor now, our main focus is on improving and expanding the functionality of SecureDrop Workstation, while maintaining SecureDrop Server. Future plans include a rewrite of the server application, using SecureDrop Protocol, to allow for easier deployments while preserving the security properties of the current system. As part of the team, a successful candidate will have a key role in these efforts.\u003c/p\u003e\n\u003ch2\u003eResponsibilities\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eManage and mentor a high-performing team, fostering a collaborative, mission-driven culture:\n\u003cul\u003e\n\u003cli\u003eHelp address impediments or blockers to your team’s progress, be they administrative, technical, or organizational\u003c/li\u003e\n\u003cli\u003eFacilitate the development of individual and team goals, and, in collaboration with the team’s tech lead, make regular updates to the SecureDrop development road map\u003c/li\u003e\n\u003cli\u003eRepresent team members within the organization, while creating opportunities for your team to do so as well\u003c/li\u003e\n\u003cli\u003eDevelop best practices in asynchronous collaboration, including clear documentation of discussions and decisions\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eProvide performance reviews, and plan and implement compensation changes in coordination with leadership and HR\u003c/li\u003e\n\u003cli\u003eIdentify key capacity gaps within the team and act as hiring manager for agreed-upon hires on your team\u003c/li\u003e\n\u003cli\u003eEnsure effective planning and facilitation of team meetings in the context of a distributed team spanning multiple time zones\u003c/li\u003e\n\u003cli\u003eManage the development process and ensure effective, agile project management of the SecureDrop team’s commitments\u003c/li\u003e\n\u003cli\u003eManage and oversee the SecureDrop team’s budget, and collaborate with the fundraising team on grant proposals and other fundraising initiatives\u003c/li\u003e\n\u003cli\u003eManage relationships with external vendors for purposes such as security audits or project-level engagements\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eQualifications\u003c/h2\u003e\n\u003ch3\u003eRequired\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eProven engineering leadership and people management experience: three-plus years of experience as a software or infrastructure engineer, and four-plus years as a manager for a team that ships production code\u003c/li\u003e\n\u003cli\u003eAgile project stewardship: demonstrated ability to run sprint planning, retrospectives, backlog grooming, or comparable team processes for a distributed team\u003c/li\u003e\n\u003cli\u003eHiring and capacity building: experience crafting role definitions, running inclusive interview and review processes, and onboarding new engineers\u003c/li\u003e\n\u003cli\u003eCommitment to public-interest journalism: You’re motivated to advance press freedom and whistleblower protection through open source technology\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreferred\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eExperience contributing to or managing open source projects with external contributors and stakeholders\u003c/li\u003e\n\u003cli\u003ePractical experience with secure software development life cycles, threat modeling, incident response, and coordinating independent security audits.\u003c/li\u003e\n\u003cli\u003eExperience leading asynchronous teams across time zones\u003c/li\u003e\n\u003cli\u003eWorking knowledge of Python, Rust, Git, and other technologies used as part of SecureDrop development\u003c/li\u003e\n\u003c/ul\u003e", "date_published": "2025-06-03T00:00:00Z", "date_modified": "2025-06-03T14:27:04Z", "author": { "name": "crew@apply (apply.coop)" }, "authors": [ { "name": "crew@apply (apply.coop)" } ] } ] }