Freelancer for Software Supply Chain and Vulnerability Management (d/f/m)

Remote: Full Remote

Offer summary

Qualifications:

  • Strong experience in supply chain security monitoring, particularly with SBOMs, CVE/CVSS, and VEX.
  • Hands-on experience with open-source security scanners like Trivy.
  • Familiarity with OCI registries and Linux container artifacts such as Docker images and Helm charts.
  • Experience in automating security workflows using GitLab CI pipelines.

Key responsibilities:

  • Help improve workflows and tooling for supply chain vulnerability management.
  • Monitor container images for known security vulnerabilities and automate continuous security checks.
  • Contribute to the implementation of tools for assessing vulnerabilities and generating VEX information.
  • Enhance license management and compliance monitoring by generating SBOMs.

Univention SME https://www.univention.com/
51 - 200 Employees

Job description

What to expect
  • Help improve our workflows and tooling for supply chain vulnerability management, including generating, signing, and publishing SBOMs, performing CVE scans, and efficiently analyzing scan results
  • Play a key role in monitoring container images for known security vulnerabilities while automating continuous security checks
  • Contribute to the implementation of tools and processes for assessing vulnerabilities and generating/publishing Vulnerability Exploitability (VEX) information
  • Enhance license management and compliance monitoring by generating SBOMs and validating the results of automatic license detection
What you bring
  • Strong experience in supply chain security monitoring, particularly SBOMs, CVE/CVSS, and VEX
  • Hands-on experience with open-source security scanners (e.g., Trivy), including scanner operation and interpreting security findings
  • Experience in VEX generation, maintenance, and publishing
  • Familiarity with OCI registries and Linux container artifacts (e.g., Harbor registry, Docker images, Helm charts)
  • Experience in automating security workflows using GitLab CI pipelines
What we offer you
  • A company that is 100% committed to open source
  • A professional work environment with flat hierarchies and a culture of mutual respect
  • A supportive and open-minded team that values collaboration, integrity, and transparency

Interested? Apply online via our application form or send an email to jobs@univention.de. Let us know your availability and daily rate.
About us
We are committed to a sustainable, open and fair digital transformation from which organizations and people benefit as much as possible. With Univention Corporate Server, we have developed an open, open-source platform for identity management and for the deployment and integration of applications, which gives organizations back full control over their data and processes and the choice of whom they hand which data to. We are convinced that these freedoms are the prerequisites for innovation, competitiveness and digital sovereignty.

If you would like to learn more about us, see the "Warum Univention" ("Why Univention") page.

Required profile

Spoken language(s):
English

Other Skills

  • Collaboration
  • Personal Integrity
