Making the software supply chain secure by default.
Senior Product Security Engineer
Location: United States
Posted: 1 day ago
Salary: $157K - $184K / year
Seniority: Senior
Job Description
Senior Product Security Engineer
Chainguard
- Design, build, and maintain secure CI/CD pipelines with security gates that catch issues before they reach production.
- Systematically, consistently and automatically capture the risk exposure of Chainguard's products.
- Implement and enforce software supply chain security controls: signed artifacts, SBOMs, provenance attestation (SLSA, Sigstore / Cosign).
- Proactively identify emerging customer security needs, and build solutions to meet these.
- Lead security architecture reviews and threat models for Kubernetes-based workloads running on GCP and AWS.
- Harden container images, Kubernetes cluster configurations, and cloud IAM postures, minimising attack surface across our product stack.
- Define and drive adoption of baseline security standards: pod security standards, network policies, workload identity, secrets management.
- Evaluate and operationalise CNAPP / CSPM tooling to maintain continuous visibility into cloud-native risk.
Job Requirements
- 5+ years in software engineering, security engineering, or a combined role with meaningful hands-on security responsibility throughout.
- Strong proficiency in Go or Python, with the ability to write, review, and debug production-quality code.
- Deep, hands-on experience with Kubernetes in production (cluster hardening, RBAC, network policies, admission controllers).
- Practical expertise with GCP and/or AWS: IAM, workload identity, secrets management, security services (e.g., GCP Security Command Center, AWS Security Hub).
- Proven track record designing and securing CI/CD pipelines (GitHub Actions, Cloud Build, Tekton, or similar).
- Fluency with container security: image scanning, distroless/minimal base images, runtime security.
- Experience with software supply chain security tooling and frameworks (Sigstore, SLSA, SBOM generation).
- Solid understanding of OWASP, NIST, and cloud security frameworks and how to apply them pragmatically.
Benefits
- Flexible & Remote-First Culture: Work remotely with team meetup opportunities, bi-annual destination summits, and a monthly stipend for coworking spaces, phone and internet costs.
- Our Approach to Equity: Receive stock options upon hire and promotion. Plus, you can participate in secondary offerings and have 10 years to exercise your options (yes, you read that correctly: 10 years!).
- 100% Covered Health Insurance: We cover 100% of your health, vision and dental insurance premiums for you and your dependents. Nothing comes out of your paycheck.
- ∞ Flexible Time Off: Take the time you need – to do our best work, we need to recharge and reset.
- 18 Weeks Paid Parental Leave: We offer 18 weeks for birthing parents and 12 weeks for non-birthing parents, with the option to use it all at once or throughout your child's first year.