Chainguard
Senior Security Engineer
Job Summary
This role involves designing and deploying security controls, leading incident response efforts, and integrating security practices within product teams for a cloud-native environment. The candidate should have experience with threat detection, penetration testing, and automating security workflows using programming languages like Go, Python, or Shell. Strong communication skills and familiarity with security frameworks such as SOC 2, ISO 27001, or NIST are required. The position offers a remote-first culture with comprehensive benefits including health coverage, stock options, and generous parental leave.
Required Skills
Benefits
Job Description
The Role
Ready to trade security headaches for the satisfaction of outsmarting cyber threats and having a little fun along the way?
At Chainguard, you’ll design and deploy innovative technical controls, lead incident response efforts, and push the boundaries of what’s possible in cloud-native security. Your work empowers Chainguardians to perform at their best while raising the security bar for the entire industry.
If you’re driven by curiosity, thrive in fast-moving environments, and want to make a meaningful impact on the open source ecosystem, this is your chance. Even if your experience doesn’t meet every requirement, we encourage you to apply.
What You’ll Do
- Engineer and deploy clever controls so security incidents stay rare and boring
- Lead incident response efforts, including tabletop exercises
- Integrate security best practices with product teams who appreciate memes as much as mitigations
- Conduct security assessments and penetration tests- bring your inner hacker
- Automate detection and response workflows using Go, Python, or Shell, mostly so you can spend less time yelling at logs and more time celebrating wins
- Stay one step ahead of emerging security threats
- This position includes rotational on-call responsibilities; Not brutal- the workload is reasonable and shared across the team.
What We’re Looking For
- 5+ years’ experience in software development, security, or a related field
- Experience and passion identifying, developing, and integrating threat intelligence into meaningful detection engineering and preventative controls
- Experience securing cloud-native environments and endpoint detection & response
- Familiarity with macOS or Linux security controls
- Independent work style and strong communication skills
- Experience with security frameworks: SOC 2, ISO 27001, NIST
- Experience with open source software or red-teaming is a plus
About Us
Chainguard is the secure foundation for software development and deployment. By providing guarded open source software, built from source and updated continuously, Chainguard helps organizations eliminate threats in their software supply chains.
Founded by the industry's leading experts on open source software, security and cloud native development, Chainguard has built the largest library of open source software that is secure by default.
Chainguard’s mission is to be the safe source for open source.
We live and breathe our company values:
We are customer obsessed - We focus on delivering solutions to our customers that create value and make their lives better.
We have a bias for intentional action - We prioritize, plan, try things, and fail fast.
We don’t take ourselves too seriously (but we do serious work) - We are solving an important problem which takes focus, but we also like to enjoy the journey.
We trust each other and assume good intentions - We’re transparent with decisions to empower team members to make well informed decisions.
A few of the benefits we offer:
- Flexible & Remote-First Culture: Work remotely with team meetup opportunities, bi-annual destination summits, and a $400 monthly stipend for coworking spaces, phone and internet costs.
- Our Approach to Equity: Receive stock options upon hire and promotion. Plus, you can participate in secondary offerings and have 10 years to exercise your options (yes, you read that correctly: 10 years!).
- 100% Covered Health Insurance: We cover 100% of your health, vision and dental insurance premiums for you and your dependents. Nothing comes out of your paycheck.
- ∞ Flexible Time Off: Take the time you need – to do our best work, we need to recharge and reset.
- 18 Weeks Paid Parental Leave: We offer 18 weeks for birthing parents and 12 weeks for non-birthing parents, with the option to use it all at once or throughout your child's first year.
- For a full list of our benefits and rewards, click here.
If your experience is close but doesn’t fulfill all requirements, please apply. We’re building the best team in technology and are focused on hiring “Chainguardians'' with unique backgrounds, perspectives, and experiences.
Chainguard is an equal opportunity employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, reproductive health decisions, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, genetic information, political views or activity, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law.
By submitting your application, you acknowledge that Chainguard will process your personal data in accordance with Chainguard’s Privacy Policy.
©2025 Chainguard. All Rights Reserved.
Chainguard
Discover Chainguard's hardened, vulnerability-free container images designed to keep your infrastructure secure and efficient.
See more jobsSafe Remote Job Search Tips
Verify Employer Thoroughly
Research the company's identity thoroughly before applying. Check for a professional website with contacts, active social media, and LinkedIn profiles. Verify details across platforms and look for reviews on Glassdoor or Trustpilot to confirm legitimacy.
Never Pay to Get a Job
Legitimate employers never require payment for applications, training, background checks, or equipment. Always reject upfront payment requests or demands for bank details, even if they claim it's for purchasing necessary work gear on your behalf.
Safeguard Your Personal Information
Protect sensitive data like SSN, bank details, or ID copies. Share this only after accepting a formal, written job offer. Ensure it's submitted via a secure company system or portal, never through insecure channels like standard email attachments.
Scrutinize Communication & Interviews
Watch for communication red flags: poor grammar, generic emails (@gmail), vague details, or undue pressure. Be highly suspicious of interviews held only via text or chat apps; legitimate companies typically use video or phone calls.
Beware of Unrealistic Offers
If an offer's salary or benefits seem unrealistically high for the work involved, be cautious. Research standard pay for similar roles. Offers that appear 'too good to be true' are often scams designed to lure you into providing information or payment.
Insist on a Formal Contract
Always secure and review a formal, written job offer or employment contract before starting work or sharing final personal details. Ensure it clearly defines your role, compensation, key terms, and conditions to avoid misunderstandings or scams.