Chainguard

Chainguard: Fortified Software Delivery Security for developers and CISOs, ensuring secure-by-default infrastructure and zero workflow friction.

Internet Software & Services
51-250
Founded 2021
$55M raised

Description

  • Design, build, and maintain secure CI/CD pipelines with security gates that catch issues before production.
  • Systematically capture and track the risk exposure of Chainguard’s products.
  • Implement and enforce software supply chain security controls such as signed artifacts, SBOMs, and provenance attestation.
  • Identify emerging customer security needs and build solutions to address them.
  • Lead security architecture reviews and threat models for Kubernetes-based workloads running on GCP and AWS.
  • Harden container images, Kubernetes cluster configurations, and cloud IAM postures to reduce attack surface.
  • Define and drive adoption of baseline security standards for pod security, network policies, workload identity, and secrets management.
  • Evaluate and operationalize CNAPP/CSPM tooling to maintain continuous visibility into cloud-native risk.

Requirements

  • 7+ years of experience in software engineering, security engineering, or a combined role with significant hands-on security responsibility.
  • Strong proficiency in Go or Python and ability to write, review, and debug production-quality code.
  • Deep hands-on experience with Kubernetes in production, including cluster hardening, RBAC, network policies, and admission controllers.
  • Practical experience with GCP and/or AWS, including IAM, workload identity, secrets management, and security services such as GCP Security Command Center or AWS Security Hub.
  • Proven experience designing and securing CI/CD pipelines using GitHub Actions, Cloud Build, Tekton, or similar tools.
  • Experience with container security, including image scanning, distroless or minimal base images, and runtime security.
  • Experience with software supply chain security tooling and frameworks such as Sigstore, SLSA, and SBOM generation.
  • Solid understanding of OWASP, NIST, and cloud security frameworks and how to apply them pragmatically.
  • Familiarity with Chainguard Images or other minimal and hardened container base image ecosystems, preferred.
  • Experience with policy-as-code tools such as OPA, Kyverno, or Conftest, preferred.
  • Contributions to open source security projects, preferred.
  • Background in security research or offensive security such as bug bounty, CTFs, or penetration testing, preferred.

Benefits

  • Flexible remote-first culture with team meetup opportunities and bi-annual destination summits.
  • Monthly stipend for coworking spaces, phone, and internet costs.
  • Stock options upon hire and promotion, with participation in secondary offerings and 10 years to exercise options.
  • 100% company-covered health, vision, and dental insurance for employees and dependents.
  • Unlimited flexible time off.
  • 18 weeks paid parental leave for birthing parents and 12 weeks for non-birthing parents.
