Cybersecurity Program Lead (all genders) at Sovereign Tech Agency

The Sovereign Tech Agency's mission: to strengthen the foundations of an open and free digital world. We see open digital infrastructure as the roads and bridges of our digital society – essential for the flow of information, for government, industry, and innovation. At the heart of this infrastructure is free and open source software, which is indispensable for a democratic society and has established itself as the world's most successful software development model.

With a commission from the Federal Ministry for Economic Affairs and Climate Action, we invest in critical open source software, develop programs and instruments that sustainably secure the open source ecosystem, and support the people behind the code. We are the only organization of our kind in Europe, and we are leading the way on how governments engage with digital infrastructure and open source technology. Our vision: digital resilience, technological diversity, and the safeguarding of digital public services. Together, we are shaping a sovereign digital future.

Our team is growing, that’s why the Sovereign Tech Agency is looking for an experienced and innovative expert in open source security to lead the Sovereign Tech Resilience program.

We are looking for an experienced and innovative Cybersecurity Program Lead to manage and scale the Sovereign Tech Resilience program at the Sovereign Tech Agency.

Launched by the Sovereign Tech Agency in 2023, Sovereign Tech Resilience improves the security posture of critical open source projects by addressing technical debt, commissioning security audits, and fostering a culture of resilience through a bug-and-fix bounty system. This program serves the public interest and societal resilience by enhancing the reliability and security of critical open source software that underpins modern digital infrastructure. Sovereign Tech Resilience actively invests in and collaborates with the open source communities.

As the Cybersecurity Program Lead, you will oversee the program’s daily operations, enhance its impact, and build connections with global open source communities and security researchers.

Your Tasks

Program Management

• Lead and coordinate the daily operations of the Sovereign Tech Resilience program
• Communicate with service providers and oversee the operation of the program
• Onboard and manage relationships with program applicants from the open source ecosystem, build and maintain strong relationships with open source communities and security researchers
• Administer the bug bounty platform, including monitoring vulnerability reports, tracking bug fixes, and ensuring timely bounty payments
• Represent the Sovereign Tech Agency at conferences, workshops, and other industry events

Strategic Development:

• Continuously evaluate and improve the program’s processes and services to ensure effectiveness and scalability
• Develop innovative concepts to enhance vulnerability management for critical open-source projects

• Strong knowledge of open source ecosystems and information security practices
• Demonstrated experience in program management or coordination, preferably in cybersecurity or open source contexts
• Strong networking and relationship-building skills
• Creativity and enthusiasm for developing and scaling innovative initiatives like the Sovereign Tech Resilience program
• An interest in serving the public interest by improving the security and resilience of critical open-source infrastructure
• Demonstrated dedication to fostering collaboration and security within the global open source community
• Strong communication skills in English, both written and verbal - Our internal working language is English
• Team player: you enjoy collaborating with coworkers, active and open communication, and both giving and receiving feedback
• Working independently: Your work is self-directed and proactive, utilizing modern collaboration tools

For us, your motivation is as important as your resume. We explicitly welcome applications that do not meet all requirements. We would also be happy to learn more about additional skills and attributes in your cover letter that are not listed here but are relevant to the position.

• Based on experience and qualifications, the annual compensation for this role is (at 40 hours per week) 70,000 to 85,000 Euro.
• Flexible and remote-friendly work arrangements for all family and life situations, from our office in Berlin-Mitte, from home, or in a hybrid model
• Please note: we have one to two in-person team meetings in or around Berlin per year, and almost all meetings are scheduled during GMT +1 working hours.
• 30 days of vacation (based on a 5-day workweek)
• Support for your professional and personal development, including the opportunity to attend international conferences
• In our small, agile team, your perspective matters: we explicitly welcome you to contribute ideas and suggestions about how we can develop as an organization and to actively participate in shaping our future

We are a diverse team and welcome applications from BPoC (Black and People of Color), individuals with disabilities, people with migration backgrounds, and individuals from other groups underrepresented in technology development.

If you belong to these groups, please feel free to mention it in your application. However, we request that you refrain from including a photo of yourself or any information about your age, gender, marital status, or similar details in your documents.

Please send us your application with a cover letter and resume and we will confirm receipt of your documents by email and let you know the next steps. We will set up an introductory meeting as soon as possible, depending on your availability, either in person in Berlin or via video call. The position will remain open at least until 6 February 2025.