Chainguard

Chainguard: Fortified Software Delivery Security for developers and CISOs, ensuring secure-by-default infrastructure and zero workflow friction.

Internet Software & Services
51-250
Founded 2021
$55M raised

Description

  • Design, build, and maintain secure CI/CD pipelines with security gates that catch issues before production.
  • Systematically capture and monitor the risk exposure of Chainguard’s products.
  • Implement and enforce software supply chain security controls such as signed artifacts, SBOMs, and provenance attestation.
  • Identify emerging customer security needs and build solutions to address them.
  • Lead security architecture reviews and threat modeling for Kubernetes-based workloads on GCP and AWS.
  • Harden container images, Kubernetes cluster configurations, and cloud IAM posture to reduce attack surface.
  • Define and drive adoption of baseline security standards including pod security, network policies, workload identity, and secrets management.
  • Evaluate and operationalize CNAPP and CSPM tooling for continuous cloud-native risk visibility.

Requirements

  • 7+ years of experience in software engineering, security engineering, or a combined role with substantial hands-on security responsibility.
  • Strong proficiency in Go or Python, with the ability to write, review, and debug production-quality code.
  • Deep hands-on experience with Kubernetes in production, including cluster hardening, RBAC, network policies, and admission controllers.
  • Practical expertise with GCP and/or AWS, including IAM, workload identity, secrets management, and security services such as GCP Security Command Center or AWS Security Hub.
  • Proven experience designing and securing CI/CD pipelines using GitHub Actions, Cloud Build, Tekton, or similar tools.
  • Experience with container security, including image scanning, distroless or minimal base images, and runtime security.
  • Experience with software supply chain security tooling and frameworks such as Sigstore, SLSA, and SBOM generation.
  • Solid understanding of OWASP, NIST, and cloud security frameworks and how to apply them pragmatically.
  • Familiarity with Chainguard Images or other minimal, hardened container base image ecosystems is preferred.
  • Experience with policy-as-code tools such as OPA, Kyverno, or Conftest is preferred.
  • Contributions to open source security projects are preferred.
  • Background in security research or offensive security, such as bug bounty, CTFs, or penetration testing, is preferred.

Benefits

  • Flexible, remote-first work culture with team meetup opportunities and bi-annual destination summits.
  • Monthly stipend for coworking spaces, phone, and internet costs.
  • Stock options upon hire and promotion, plus participation in secondary offerings and 10 years to exercise options.
  • 100% covered health, vision, and dental insurance for employees and dependents.
  • Unlimited flexible time off.
  • 18 weeks of paid parental leave for birthing parents and 12 weeks for non-birthing parents.
