Chainguard
Manager, Product Security
Job Summary
This role involves leading and growing Chainguard’s Product Security team, ensuring the security of all products through strategic initiatives and cross-functional collaboration. The candidate will manage security engineers, contribute to security strategy, and oversee security practices throughout the development lifecycle. Extensive experience in secure coding, DevSecOps, industry standards, and security testing is required, along with a strong leadership background. The role emphasizes building a security-focused culture and managing critical security incidents within a fast-paced, innovative environment.
Required Skills
Benefits
Job Description
Chainguard is the secure foundation for software development and deployment. By providing guarded open source software, built from source and updated continuously, Chainguard helps organizations eliminate threats in their software supply chains.
Founded by the industry's leading experts on open source software, security and cloud native development, Chainguard has built the largest library of open source software that is secure by default.
Chainguard’s mission is to be the safe source for open source.
The role, in a nutshell:
As a manager for the Product Security team, you will lead and grow Chainguard’s Product Security practice, ensuring that all Chainguard products are designed, built and operated with security at their core. You will manage a team of product security engineers, drive high-impact initiatives and work cross-functionally to integrate security measures into every phase of Chainguard’s software development life cycle through partnership with Engineering and Product.
What you’ll do:
- Lead, manage, coach, and develop a team of Security professionals responsible for Product Security in all Chainguard products.
- Lead Product Security initiatives, ensuring alignment with organizational goals and objectives.
- Develop a broad and deep technical understanding of the services and architectures pertaining to Chainguard products. Contribute to the short and long-term security strategy to ensure that products are designed and built securely by design while improving the secure software development life-cycle (SSDLC).
- Lead new, reoccurring, or ah-hoc security initiatives with end-to-end ownership. Participate in security escalations.
- Collaborate with product and engineering teams to ensure security is integrated into all aspects of the Chainguard products.
- Design and deliver internal collateral, author internal processes,, and contribute to thought‑leadership content to deepen security fluency across Chainguard and among our customers.
- Serve as an escalation point for critical security incidents and ensure timely remediation.
What we're looking for:
- Secure Coding and DevSecOps Initiatives: Experience in implementing and leading DevSecOps initiatives, frameworks, and tools used for SCA, SAST, CNAPP, threat enrichment, etc.
- Agile Methodologies: Experience with Agile development/Scrum methodologies and incorporating security requirements into the SDLC (CI/CD) with product owners.
- Programming and Deployment: Experience in managing programs supporting secure code and software deployments in various languages (Python, Node.js, C#, .NET, JavaScript, Go, Ruby, GraphQL, SDK, and RESTful API design/development).
- Technical Expertise and Industry Standards Knowledge: Extensive experience in secure code reviews, business logic assessments, and application security testing. Deep understanding of network, data, and cloud security principles; and Expert knowledge of security principles, standards, and best practices, such as OWASP, NIST, FedRAMP, ISO, etc.
- You have 10+ years of software or security engineering experience, including supporting multiple teams and complex org-wide initiatives.
- You can lead projects, mentor team members, and provide technical leadership.
You stay current on emerging security threats and technologies, proactively identifying areas for improvement and drive initiatives to enhance the security posture of our products.
About Us
We live and breathe our company values:
We are customer obsessed - We focus on delivering solutions to our customers that create value and make their lives better.
We have a bias for intentional action - We prioritize, plan, try things, and fail fast.
We don’t take ourselves too seriously (but we do serious work) - We are solving an important problem which takes focus, but we also like to enjoy the journey.
We trust each other and assume good intentions - We’re transparent with decisions to empower team members to make well informed decisions.
A few of the benefits we offer:
- Flexible & Remote-First Culture: Work remotely with team meetup opportunities, bi-annual destination summits, and a $400 monthly stipend for coworking spaces, phone and internet costs.
- Our Approach to Equity: Receive stock options upon hire and promotion. Plus, you can participate in secondary offerings and have 10 years to exercise your options (yes, you read that correctly: 10 years!).
- 100% Covered Health Insurance: We cover 100% of your health, vision and dental insurance premiums for you and your dependents. Nothing comes out of your paycheck.
- ∞ Flexible Time Off: Take the time you need – to do our best work, we need to recharge and reset.
- 18 Weeks Paid Parental Leave: We offer 18 weeks for birthing parents and 12 weeks for non-birthing parents, with the option to use it all at once or throughout your child's first year.
- For a full list of our benefits and rewards, click here.
If your experience is close but doesn’t fulfill all requirements, please apply. We’re building the best team in technology and are focused on hiring “Chainguardians'' with unique backgrounds, perspectives, and experiences.
Chainguard is an equal opportunity employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, reproductive health decisions, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, genetic information, political views or activity, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law.
By submitting your application, you acknowledge that Chainguard will process your personal data in accordance with Chainguard’s Privacy Policy.
©2025 Chainguard. All Rights Reserved.
Chainguard
Discover Chainguard's hardened, vulnerability-free container images designed to keep your infrastructure secure and efficient.
See more jobsSafe Remote Job Search Tips
Verify Employer Thoroughly
Research the company's identity thoroughly before applying. Check for a professional website with contacts, active social media, and LinkedIn profiles. Verify details across platforms and look for reviews on Glassdoor or Trustpilot to confirm legitimacy.
Never Pay to Get a Job
Legitimate employers never require payment for applications, training, background checks, or equipment. Always reject upfront payment requests or demands for bank details, even if they claim it's for purchasing necessary work gear on your behalf.
Safeguard Your Personal Information
Protect sensitive data like SSN, bank details, or ID copies. Share this only after accepting a formal, written job offer. Ensure it's submitted via a secure company system or portal, never through insecure channels like standard email attachments.
Scrutinize Communication & Interviews
Watch for communication red flags: poor grammar, generic emails (@gmail), vague details, or undue pressure. Be highly suspicious of interviews held only via text or chat apps; legitimate companies typically use video or phone calls.
Beware of Unrealistic Offers
If an offer's salary or benefits seem unrealistically high for the work involved, be cautious. Research standard pay for similar roles. Offers that appear 'too good to be true' are often scams designed to lure you into providing information or payment.
Insist on a Formal Contract
Always secure and review a formal, written job offer or employment contract before starting work or sharing final personal details. Ensure it clearly defines your role, compensation, key terms, and conditions to avoid misunderstandings or scams.