Chainguard

Chainguard: Fortified Software Delivery Security for developers and CISOs, ensuring secure-by-default infrastructure and zero workflow friction.

Internet Software & Services
51-250
Founded 2021
$55M raised

Description

  • Design, build, and maintain secure CI/CD pipelines with security gates that catch issues before production.
  • Systematically capture and track the risk exposure of Chainguard’s products.
  • Implement and enforce software supply chain security controls such as signed artifacts, SBOMs, and provenance attestation.
  • Identify emerging customer security needs and build solutions to address them.
  • Lead security architecture reviews and threat models for Kubernetes-based workloads running on GCP and AWS.
  • Harden container images, Kubernetes cluster configurations, and cloud IAM postures to reduce attack surface.
  • Define and drive adoption of baseline security standards for pod security, network policies, workload identity, and secrets management.
  • Evaluate and operationalize CNAPP/CSPM tooling to maintain continuous visibility into cloud-native risk.

Requirements

  • 7+ years of experience in software engineering, security engineering, or a combined role with significant hands-on security responsibility.
  • Strong proficiency in Go or Python and ability to write, review, and debug production-quality code.
  • Deep hands-on experience with Kubernetes in production, including cluster hardening, RBAC, network policies, and admission controllers.
  • Practical experience with GCP and/or AWS, including IAM, workload identity, secrets management, and security services such as GCP Security Command Center or AWS Security Hub.
  • Proven experience designing and securing CI/CD pipelines using GitHub Actions, Cloud Build, Tekton, or similar tools.
  • Experience with container security, including image scanning, distroless or minimal base images, and runtime security.
  • Experience with software supply chain security tooling and frameworks such as Sigstore, SLSA, and SBOM generation.
  • Solid understanding of OWASP, NIST, and cloud security frameworks and how to apply them pragmatically.
  • Familiarity with Chainguard Images or other minimal and hardened container base image ecosystems, preferred.
  • Experience with policy-as-code tools such as OPA, Kyverno, or Conftest, preferred.
  • Contributions to open source security projects, preferred.
  • Background in security research or offensive security such as bug bounty, CTFs, or penetration testing, preferred.

Benefits

  • Flexible remote-first culture with team meetup opportunities and bi-annual destination summits.
  • Monthly stipend for coworking spaces, phone, and internet costs.
  • Stock options upon hire and promotion, with participation in secondary offerings and 10 years to exercise options.
  • 100% company-covered health, vision, and dental insurance for employees and dependents.
  • Unlimited flexible time off.
  • 18 weeks paid parental leave for birthing parents and 12 weeks for non-birthing parents.
