Formerly a climber; a cycling commuter (WFH now); nerding out - mostly infra and backend; relativistic view on what’s right and usually it’s not k8s; o11y and cloud economics; swinging between tech and management.
Montreal; RL snow day for some weird reason; Home Assistant, mostly Zigbee. Quad-line kites.
| pronouns | he/him |
Global remote:
Open Home Foundation is the nonprofit behind the popular Home Assistant open source home automation projects
Security Engineer: to £71k/€78k by location, Python and IOT experience
https://jobs.ashbyhq.com/openhomefoundation/c3089fc1-31ef-4cee-9ab0-68a94b1dfdb6
Partnership Manager: to £74k/€82k/CA$125k by location, working with hardware partners and language skills like Mandarin would be a plus
https://jobs.ashbyhq.com/openhomefoundation/873493f1-c936-4ed3-9fd4-8b15b70c13fa
We are looking for The Open Home Foundation is looking for a Security Engineer to join our Home Assistant team. This role focuses on keeping Home Assistant and its ecosystem secure by owning the intake and coordination of reported security issues, strengthening our CI/CD and release security, and proactively reducing risk through audits, testing, and security improvements. You will work closely with engineering, and the broader open-source community to improve our security posture across code, build pipelines, dependencies, and releases. What you are going to do - Own security issue intake and coordination by triaging reports submitted via our established channels (including private reports through GitHub Security Advisories and our security contact process), reproducing issues where needed, coordinating fixes with maintainers, and ensuring responsible disclosure practices. - Drive timely remediation by tracking SLAs, communicating status with reporters and internal stakeholders, and coordinating releases and backports when required. - Harden our CI/CD and release workflows by improving build pipeline security, secrets management, artifact integrity, and access controls; and by reducing exposure to supply chain attacks. - Strengthen supply chain defenses by improving dependency and artifact verification, provenance, signing, and monitoring; and by hardening the paths through which third-party code and integrations enter the ecosystem. - Build preventive security practices by introducing and continuously improving security testing and scanning in our engineering workflows; including SAST/DAST where appropriate, dependency and artifact scanning, and CI/workflow static analysis. - Coordinate external security work by scoping and managing third-party audits, pentests, and targeted reviews; and by ensuring findings are remediated effectively. - Create and maintain security processes and documentation that are clear, repeatable, and community-friendly, including runbooks for incident response and disclosure. - Collaborate with the community by supporting maintainers and contributors with guidance, reviewing security-relevant pull requests, and helping raise security awareness across the project. What you need to have - 5+ years preferred, or 3+ years with strong, demonstrated ownership in vulnerability management and CI/CD / supply-chain security. - Demonstrated experience triaging and coordinating vulnerability reports (e.g., CVEs, responsible disclosure workflows) and driving remediation across multiple stakeholders. - Strong understanding of software supply chain security (dependencies, build systems, artifacts, signing, provenance, CI/CD hardening). - Experience securing CI/CD pipelines (e.g., GitHub Actions), including secrets management, permissions, token scopes, and isolation. - Practical knowledge of secure software development practices and ability to perform risk assessments and security reviews. - Ability to work independently, with strong problem-solving skills and attention to detail. - Extensive proficiency with Git and GitHub workflows (pull requests, reviews, merging, etc.). - Professional fluency in English, excellent written and verbal communication skills in English. - European residency, you must be currently based in Europe and eligible to work within it. It would be great if you also have - Experience with Python ecosystems and packaging (pip, PyPI), dependency management, and common security tooling. - Familiarity with SBOMs, SLSA, signing and attestations (e.g., Sigstore/cosign), and reproducible builds. - Experience with incident response and post-incident reviews. - Prior contributions to Home Assistant or other open-source projects. - Experience working with IoT / smart home software and threat models. - Experience improving security testing and integrating checks into developer workflows. - Affinity for the open-source philosophy and community-driven development. - A passionate Home Assistant user, or a strong interest in smart home technology and automation. What we offer you The Open Home Foundation is a fully remote organization that uses an Employer of Record to employ people from all over the world. You will be a normal salaried employee in your country. This is a full-time position for 40 hours per week. Because we are a fully remote company, there is no fixed schedule. For the purpose of team communication, we do try to ensure at least 3 hours of overlap in the workday. You will report to the Home Assistant Lead, who is based in the Netherlands. Core to the establishment of the Open Home Foundation was the well-being of the people building the future of the smart home. We will provide all the benefits required by the country you reside in. However, we also want to make sure all our employees, regardless of country of origin, get at least a minimal set of benefits, including: - Five weeks (twenty-five days) of paid time off. - Fourteen days of paid sick leave if your country/laws treat them as unpaid. - Six weeks of paid and six weeks of unpaid parental leave to be used in the first year after birth. We will provide the missing days if your country/laws do not provide such compensation. - A budget for your work hardware once you start. - A 50% contribution to your internet connection fee at your home workspace. - If you are currently working on Home Assistant-related side projects, you can spend work time maintaining them. When first offering a position to a new member, the Open Home Foundation aims to provide a total compensation package that matches the 75th percentile for the new hire's role, seniority, and local market rates. For a Security Engineer in our primary operating countries, the approximate yearly compensation will be the following: - Netherlands: 78.000 EUR - UK: 71.000 GBP - Spain / Portugal: 58.000 EUR - Italy: 64.000 EUR - Other countries: compensation can be discussed during the first interview. These figures may be adjusted based on experience, qualifications, and work hours. About us The Open Home Foundation is a non-profit organization based in Switzerland, with the objective of fighting for the fundamental principles of privacy, choice, and sustainability for smart homes. It does this by supporting the development of open-source projects, and open connectivity and communication standards. A big part of this is Home Assistant https://www.home-assistant.io/, the biggest https://github.blog/news-insights/octoverse/octoverse-2024/#the-state-of-open-source open-source project in number of contributors, but the Open Home Foundation also owns or collaborates with other projects important to promoting privacy, choice, and sustainability in the smart home, like: - Open hardware tools (e.g., ESPHome https://esphome.io/, ESP Web Tools https://esphome.github.io/esp-web-tools/) - Open standards (e.g., Python Matter Server https://github.com/home-assistant-libs/python-matter-server, Z-Wave JS https://github.com/zwave-js, ZigPy https://github.com/zigpy/zigpy, BTHome https://bthome.io/, Improv Wi-Fi https://www.improv-wifi.com/) - Open voice (e.g., Rhasspy https://github.com/rhasspy/rhasspy, Wyoming Protocol https://www.home-assistant.io/integrations/wyoming/, Piper https://github.com/rhasspy/piper) The recruitment process 1. Apply for the role 2. Our HR team will review your application with the hiring manager 3. Interview with HR 4. Technical assessment 5. Interview with the team 6. Offer 7. Join our team!
Canada, Remote:
Nabu Casa builds Home Assistant, popular FOSS for home automation
Backend Developer: $128k, 5+ years dev experience with 2 years using Node +TypeScript
https://jobs.ashbyhq.com/nabucasa/deaeead1-8214-4b23-b23b-c8c21aa07c3f
ABOUT NABU CASA Nabu Casa, Inc was founded in 2018 by the founders of both Home Assistant https://home-assistant.io/, the open source home automation platform, and Home Assistant OS https://github.com/home-assistant/operating-system, the operating system that turns your device into a smart home hub powered by Home Assistant. These projects have seen an immense growth and have helped shape DIY home automation communities around the world. After being involved in the Internet of Things industry for many years, we realized that there is a need for a cloud service that aims to put users, their privacy and their data first. Such a cloud can only be built as an extension to a platform that does the same: Home Assistant. With Nabu Casa we are building this cloud service and we’re calling it Home Assistant Cloud. We are a profitable company with no external investors. Our funding comes directly from users who subscribe to Home Assistant Cloud and purchase Home Assistant hardware, ensuring our only stakeholders are our employees and our users. We also support other open-source projects, including those focused on hardware, standards, and voice technology. THE ROLE Nabu Casa is looking for a full-time backend developer to join our Cloud & Infrastructure team and work primarily on Home Assistant Cloud services. As one of the most active open-source projects in the world, Home Assistant exists because of its community. To empower this community and allow more users to enjoy the harder-to-reach features of Home Assistant, we have created our subscription service, Home Assistant Cloud. This service gives the community access to features usually reserved for power users with expensive hardware at home. Current features such as remote access and text-to-speech / speech-to-text support are made available without ever compromising on privacy. We're looking for someone who will maintain the existing features and infrastructure and help us create valuable new features with efficiency and privacy in mind. WHAT YOU ARE GOING TO DO - Contribute to the design and implementation of scalable, high-performance, and reliable backend applications - Participate in code reviews as part of our collaborative development process - Collaborate with cross-functionally to define, design, and ship new features. - Contribute to maintaining and improving the performance, quality, and responsiveness of the cloud services - Implement security and data protection best practices in your work - Stay up-to-date with industry trends and share best practices with the team. WHAT YOU NEED TO HAVE - At least five years of professional experience in back-end development. - At least two years of professional experience in Node.js/Typescript - Basic knowledge of system administration - Experience with cloud services (preferably AWS) - Experience with Git & Github - Be based in Canada and able to cover Eastern → Pacific timezones (UTC-5 → UTC-8) - Fluent in English, both written and spoken IT WOULD BE GREAT IF YOU ALSO HAVE - Experience in NestJS, Elixir, Terraform, Grafana or Python - Personal experience using Home Assistant https://www.home-assistant.io/ - Knowledge in modern frontend app development - Affinity with open-source development and philosophy WHAT WE OFFER Nabu Casa is a fully remote organization that uses Remote to employ people from all over the world. You will be a normal salaried employee in your country. This is a full-time position for 40 hours per week. Because we are a fully remote company, there is no fixed schedule. For the purpose of team communication, we do try to ensure at least 3 hours of overlap in the workday. You will report to our Cloud team’s engineering manager, based in France. Core to the establishment of Nabu Casa was the well-being of the people building the future of the smart home. We will provide all the benefits required by the country you reside in. However, we also want to make sure all our employees, regardless of country of origin, get at least a minimal set of benefits, including: - Five weeks (twenty-five days) of paid time off. - Fourteen days of paid sick leave if your country/laws treat them as unpaid. - Six weeks of paid and six weeks of unpaid parental leave to be used in the first year after birth. We will provide the missing days if your country/laws do not provide such compensation. - A budget for your work hardware once you start. After three years, you may keep this equipment for personal use. - An annual smart home budget ensures you keep up-to-date with the latest smart homes offer. - A 50% contribution to your internet connection fee at your home workspace. - One day every two weeks to work on your personal projects. - If you are currently working on Home Assistant-related side projects, you can spend work time maintaining them. When first offering a position to a new member, Nabu Casa aims to provide a total compensation package that matches the 75th percentile for the new hire's role, seniority, and local market rates. For this role, the approximate yearly compensation will be the following: - Canada 128.000 CAD. These figures may be adjusted based on experience, qualifications, and work hours. ABOUT US Nabu Casa funds the development of Home Assistant and other projects at the Open Home Foundation, Nabu Casa is best known as the organization driving the development of Home Assistant, the world's largest free and open-source smart home platform. More than two million households benefit from its home automation capabilities. Powered by a worldwide community of open-source developers, GitHub ranked it the most active open-source project in the world in 2024. We were initially founded to ensure that the development of Home Assistant would remain sustainable as it kept growing, but over time it has grown to support more open home initiatives. In 2024, the Open Home Foundation was formed to protect these open-source projects and ensure they thrive into the future. Nabu Casa is a commercial partner of the foundation, and our principles are aligned with a joint commitment to privacy, choice, and sustainability in the smart home. These are the values that we put at the heart of every decision we make. It’s woven into our architecture, licensing, community, and everything else. Nabu Casa is profitable, has no external investors, and our only funding comes from people subscribing to Home Assistant Cloud and buying Home Assistant hardware. That means the only stakeholders we have to concern ourselves with are our employees and our users. Other Open Home Foundation projects and collaborations supported by Nabu Casa include: - Open hardware tools (e.g.,ESPHome, ESP Web Tools) - Open standards (e.g., Python Matter Server, Z-Wave JS, ZigPy, BTHome, Improv Wi-Fi) - Open voice (e.g., Rhasspy, Wyoming Protocol, Piper) - Music Assistant THE RECRUITMENT PROCESS - Apply for the role - Our team will review your application with the hiring manager - Screening - Technical Test - Team interview - Interview with our CTO - Offer - Join our team!
The only feature of 1Password that matters is their business dies overnight if they get hacked so they’ve thought harder about security than anyone you know.
You can’t vibe code that in two evenings no matter how much you ask Claude to “make it secure”
"I'm here to improve your mental health by showing you this video of a potato I found."
Lost Méliès film found, "Gugusse and the Automaton" (1897). The first movie with a robot!
https://blogs.loc.gov/loc/2026/02/lost-19th-century-film-by-melies-discovered-at-the-library/
Jess Rose
Canadiens Montréal 🤖
Andy Baio
Dare Obasanjo
AaronDavid
mhoye
Terra Field
Niles Essanay SilentFilmMuseum