Cybersecurity Program Lead (all genders) Sovereign Tech Agency

The Sovereign Tech Agency’s mission: to strengthen the foundations of an open and free digital world. We see open digital infrastructure as the roads and bridges of our digital society – essential for the flow of information, for government, industry, and innovation. At the heart of this infrastructure is free and open source software, which is indispensable for a democratic society and has established itself as the world’s most successful software development model. With a commission from the Federal Ministry for Economic Affairs and Climate Action, we invest in critical open source software, develop programs and instruments that sustainably secure the open source ecosystem, and support the people behind the code. We are the only organization of our kind in Europe, and we are leading the way on how governments engage with digital infrastructure and open source technology. Our vision: digital resilience, technological diversity, and the safeguarding of digital public services. Together, we are shaping a sovereign digital future.

Who we are looking for:

We are looking for an experienced and innovative Cybersecurity Program Lead to manage and scale the Sovereign Tech Resilience () program at the Sovereign Tech Agency. Launched by the Sovereign Tech Agency in 2023, Sovereign Tech Resilience improves the security posture of critical open source projects by addressing technical debt, commissioning security audits, and fostering a culture of resilience through a bug-and-fix bounty system. This program serves the public interest and societal resilience by enhancing the reliability and security of critical open source software that underpins modern digital infrastructure. Sovereign Tech Resilience actively invests in and collaborates with the open source communities. As the Cybersecurity Program Lead, you will oversee the program’s daily operations, enhance its impact, and build connections with global open source communities and security researchers.

Your Tasks:

Program Management:

• Lead and coordinate the daily operations of the Sovereign Tech Resilience program.
• Communicate with service providers and oversee the operation of the program.
• Onboard and manage relationships with program applicants from the open source ecosystem, building and maintaining strong relationships with open source communities and security researchers.
• Administer the bug bounty platform, including monitoring vulnerability reports, tracking bug fixes, and ensuring timely bounty payments.
• Represent the Sovereign Tech Agency at conferences, workshops, and other industry events.

Strategic Development:

• Continuously evaluate and improve the program’s processes and services to ensure effectiveness and scalability.
• Develop innovative concepts to enhance vulnerability management for critical open-source projects.

Your Qualities:

• Strong knowledge of open source ecosystems and information security practices.
• Demonstrated experience in program management or coordination, preferably in cybersecurity or open source contexts.
• Strong networking and relationship-building skills.
• Creativity and enthusiasm for developing and scaling innovative initiatives like the Sovereign Tech Resilience program.
• An interest in serving the public interest by improving the security and resilience of critical open-source infrastructure.
• Demonstrated dedication to fostering collaboration and security within the global open source community.
• Strong communication skills in English, both written and verbal.
• Team player: you enjoy collaborating with coworkers, active and open communication, and both giving and receiving feedback.
• Working independently: Your work is self-directed and proactive, utilizing modern collaboration tools.

What we offer:

• Based on experience and qualifications, the annual compensation for this role (at 40 hours per week) is 70,000 to 85,000 €.
• Flexible and remote-friendly work arrangements for all family and life situations, from our office in Berlin-Mitte, from home, or in a hybrid model.
• Please note: we have one to two in-person team meetings in or around Berlin per year, and almost all meetings are scheduled during GMT +1 working hours.
• 30 days of vacation (based on a 5-day work week).
• Support for your professional and personal development, including the opportunity to attend international conferences.
• In our small, agile team, your perspective matters: we explicitly welcome you to contribute ideas and suggestions about how we can develop as an organization and to actively participate in shaping our future.

We are a diverse team and welcome applications from BPoC (Black and People of Color), individuals with disabilities, people with migration backgrounds, and individuals from other groups underrepresented in technology development. If you belong to these groups, please feel free to mention it in your application. However, we request that you refrain from including a photo of yourself or any information about your age, gender, marital status, or similar details in your documents.

How to apply:

Please send us your application with a cover letter and resume by email to . We will confirm receipt of your documents by email and let you know what the next steps are. We will set up an introductory meeting as soon as possible, depending on your availability, either in person in Berlin or via video call. We will accept applications for this position through at least 6 February 2025. If you have any questions, please feel free to email us at .

#J-18808-Ljbffr