This job ad has been posted over 40 days ago! (*)


Systems Developer / Systems Administrator Full-time

Published at 2021-05-04 - Viewed: 996 times - The Calyx Institute (Worldwide/Remote)

The Calyx Institute is a not-for-profit education and research organization devoted to studying, testing, developing, and implementing privacy technology and tools to educate the public and promote free speech, free expression, civic engagement and privacy rights on the internet and in the mobile telephone industry. Calyx offers a range of tools and technologies for secure communications and censorship circumvention to users around the globe.

The systems administrator / systems developer role will become responsible for developing and maintaining parts of The Calyx Institute’s infrastructure. We are looking for someone to help modernize, update, and properly document these services and their setup as Calyx continues to grow. Our digital services include our instances of Jitsi, CalyxVPN (running on the Bitmask platform), Mumble, XMPP/Jabber, Mail, Tor servers and Onion services, our website, DNS, and mirror servers for partner organizations (such as the Tor Project).

We think a successful candidate for this role would join us with the skills and experience to be able to…

  • Git: forking, branching, merging, reviewing, and rebasing.
  • Ansible: writing ansible playbooks, deploying and maintaining servers using ansible, and troubleshooting problems.
  • Interest in containers: building and registering images, deploying containers, upgrading containers.
  • Use SSH: generating keys, validating host keys, installing authorized keys.
  • Ease and comfort using command line tools and shell scripts in a Linux environment.

Bonus points if you have experience with or an interest in:

  • Security planning: some previous exposure to information security basics, such as inventory management, upgrade and security patch management, and threat modeling.
  • Container orchestration: some previous exposure to any container orchestration system, such as Kubernetes, Docker Swarm, etc.
  • Debian: experience with Debian or another apt-based Linux distribution.
  • Networking: some previous exposure to topics in network administration, including network optimization, isolation, BGP routing, DDoS mitigation, and so on.
  • Working on other privacy, security, or censorship-circumvention technologies or projects.

We know that there are amazing candidates that won’t match the job description as we’ve written it. We don’t expect you to meet all of the above requirements. If you feel that you meet several of these requirements or could meet them with a little support, we would love to hear from you. At The Calyx Institute, we all wear many hats, but we don’t expect anyone to wear every hat.

In the coming year, we expect that you would be able to:

  • System Administration: manage Calyx Institute servers using best practices such as infrastructure-as-code, regular backups, failure recovery plans, timely updates and security patches, data minimization, and privilege isolation.
  • System Development: lead the design and automation of Calyx’s public and private digital services, currently including CalyxOS build pipeline, voice conference, VPN, chat, email, DNS, Tor gateways, support tickets, and various web services.
  • Information Security: coordinate regular assessments of Calyx Institute’s security profile, including practices for signing builds, maintaining keys, use of email, patch management, safeguarding data, and privilege assignment.

In the long term, we expect that you will be able to:

Help us to design and deploy the next generation of Calyx Institute infrastructure, including containerization, continuous integration, centralized logging, privacy-respecting analytics, threat detection, high availability, single-sign on, and scalable storage for CalyxOS user backups and data synchronization.

We think this role might be an especially good fit for someone who…

Wants to be engaged in our mission of educating the public about privacy and surveillance, and our work in providing privacy-by-design services and working support users who are disproportionately targeted by surveillance and censorship.

« More jobs in administrators