Chainguard

Chainguard: Fortified software delivery security for developers and CISOs, ensuring secure-by-default infrastructure and zero workflow friction.

Internet Software & Services
51-250
Founded 2021
$55M raised

Description

  • Design, build, and maintain secure CI/CD pipelines with security gates that catch issues before production.
  • Systematically capture and assess the risk exposure of Chainguard’s products.
  • Implement and enforce software supply chain security controls, including signed artifacts, SBOMs, and provenance attestation.
  • Identify emerging customer security needs and build solutions to address them.
  • Lead security architecture reviews and threat models for Kubernetes-based workloads on GCP and AWS.
  • Harden container images, Kubernetes cluster configurations, and cloud IAM postures to reduce attack surface.
  • Define and drive adoption of baseline security standards such as pod security standards, network policies, workload identity, and secrets management.
  • Evaluate and operationalize CNAPP/CSPM tooling to maintain continuous visibility into cloud-native risk.
  • Provide technical leadership and cross-team influence as an individual-contributor Staff-level engineer.

Requirements

  • 7+ years of experience in software engineering, security engineering, or a combined role with significant hands-on security responsibility.
  • Strong proficiency in Go or Python and the ability to write, review, and debug production-quality code.
  • Deep hands-on experience with Kubernetes in production, including cluster hardening, RBAC, network policies, and admission controllers.
  • Practical experience with GCP and/or AWS, including IAM, workload identity, secrets management, and security services such as GCP Security Command Center or AWS Security Hub.
  • Proven experience designing and securing CI/CD pipelines using tools such as GitHub Actions, Cloud Build, Tekton, or similar.
  • Strong knowledge of container security, including image scanning, distroless or minimal base images, and runtime security.
  • Experience with software supply chain security tooling and frameworks such as Sigstore, SLSA, and SBOM generation.
  • Solid understanding of OWASP, NIST, and cloud security frameworks and how to apply them pragmatically.
  • Familiarity with Chainguard Images or other minimal/hardened container base image ecosystems is preferred.
  • Experience with policy-as-code tools such as OPA, Kyverno, or Conftest is preferred.
  • Contributions to open source security projects are preferred.
  • Background in security research or offensive security, such as bug bounty, CTFs, or penetration testing, is preferred.

Benefits

  • Flexible remote-first work environment with team meetup opportunities and bi-annual destination summits.
  • Monthly stipend for coworking spaces, phone, and internet costs.
  • Stock options upon hire and promotion, with eligibility for secondary offerings and a 10-year exercise window.
  • 100% covered health, vision, and dental insurance for employees and dependents.
  • Unlimited flexible time off.
  • 18 weeks of paid parental leave for birthing parents and 12 weeks for non-birthing parents.
