Match score not available

Senior/Staff Security Engineer

Remote: 
Full Remote
Contract: 
Salary: 
140 - 210K yearly
Experience: 
Senior (5-10 years)
Work from: 

Offer summary

Qualifications:

Bachelor’s degree in relevant field, 5+ years experience in software security, Experience securing cloud-native environments, Familiarity with macOS/Linux security controls, Ability to craft automation with Go, Python or Shell.

Key responsabilities:

  • Design and deploy security controls
  • Collaborate on integrating security best practices
  • Maintain compliance with security frameworks
  • Lead incident response and tabletop exercises
  • Conduct security assessments and research threats
Chainguard logo
Chainguard Computer Hardware & Networking Scaleup https://chainguard.dev/
51 - 200 Employees
See more Chainguard offers

Job description

Open Source has taken over the world of software development; however, the largest trade-off still persists: security. Companies spend an enormous amount of time and resources patching and fortifying open source software in order to ship with confidence & compliance. 

Founded by the industry's leading experts on open source software, security and cloud native development, Chainguard has built the largest library of open source software that is secure by default. Customers including Snowflake, Canva, and HPE rely on Chainguard to build securely with open source software across the organization.

Chainguard is the safe source for open source.

About Us

We live and breathe our company values:

We are customer obsessed - Our true advantage is the strength of our relationships with customers through collaboration, empathy, and responsiveness.  We establish trust as we educate, advocate, and listen to their needs.  Our focus is on delivering solutions to our customers that create value and make their lives better. 

We have a bias for intentional action - We’re a start-up and we need to move fast. However we need to move fast through intentional action to make sure we’re able to deliver quickly and efficiently on what is most impactful to our collective success.  We prioritize, plan, try things, and fail fast.  We think about how what we do impacts other teams and communicate our progress - owning the whole solution from start to finish. If we move fast enough, we can make two or three mistakes, learn, and correct them before competitors even make their first decision.

We don’t take ourselves too seriously (but we do serious work) - Though we are solving an important problem which takes focus and a degree of seriousness, we don’t take ourselves too seriously while we do.  We laugh, have fun, embrace uniqueness, and enjoy the journey. Together.

We trust each other and assume good intentions - We hire great team members and trust them to do their work. We’re transparent with data, news, and decisions - positive or negative - to empower team members to make well informed decisions. Showing up for each other fully means we celebrate each other’s accomplishments as well as give compassionate direct feedback when needed.  We always default to assuming good intentions.

The role, in a nutshell:

As a Security Engineer, your role will be to enable Chainguardians to do their best work through collaborative low-friction Information Security. You will work closely with the IT/Security team and collaborate with teams across the company to improve our security posture and ensure compliance with industry standards and regulations. A successful candidate will possess a strong technical background, excellent problem-solving abilities, and relentless curiosity. 

What you’ll do:

  • Design and deploy innovative technical controls to detect and prevent security incidents.
  • Collaborate across teams to integrate security best practices into products and processes.
  • Keep Chainguard compliant across multiple security frameworks.
  • Fill out security questionnaires for prospective customers.
  • Lead incident response efforts, including tabletop exercises.
  • Conduct security assessments and penetration tests.
  • Maintain detection and response automation.
  • Research the latest security threats.

What we're looking for (you do not need all of these to apply):

  • Bachelor’s of Science degree in Computer Science, Engineering, Computer Security, Information Systems
  • 5+ years of experience in software development, security, or relevant field
  • Experience securing Cloud-native environments
  • Experience with endpoint detection and response
  • Familiarity with macOS or Linux security controls
  • Familiarity with security frameworks such as SOC 2, ISO 27001, and NIST
  • Ability to craft automation with languages such as Go, Python, or Shell.
  • Experience with red-teaming or open-source software development
  • Strong interpersonal and communication skills
  • Ability to work independently across multiple simultaneous work streams
Base Salary Range
$140,000$210,000 USD

A few of the benefits we offer (for our full time employees):

  • Equity/stock options
  • Unlimited PTO
  • Remote work with flexible coworking and team meetup opportunities
  • Home office and internet stipend
  • 100% health/dental/vision insurance coverage for you and your family

If your experience is close but doesn’t fulfill all requirements, please apply. Chainguard is on a mission to build the best team. To achieve our goal, we are focused on hiring “Guardians'' with unique backgrounds, perspectives, and experiences.

Chainguard is an equal opportunity employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, reproductive health decisions, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, genetic information, political views or activity, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law.

For US based roles - Chainguard participates in E-Verify and will provide the federal government with employee Form I-9 Information to confirm authorization to work in the U.S. Chainguard, Inc. only uses E-Verify once a candidate has accepted a job offer and completed the Form I-9. If E-Verify cannot confirm that an employee is authorized to work, Chainguard, Inc. will give the employee written instructions and an opportunity to contact the Department of Homeland Security (DHS) or Social Security Administration (SSA) so the employee can begin to resolve the issue before any adverse employment action is taken. For more information about your right to work, please see the Notice of Right to Work.

By submitting your application, you acknowledge that Chainguard will process your personal data in accordance with Chainguard’s Privacy Policy.

Required profile

Experience

Level of experience: Senior (5-10 years)
Industry :
Computer Hardware & Networking
Spoken language(s):
English
Check out the description to know which languages are mandatory.

Other Skills

  • Problem Solving
  • Verbal Communication Skills
  • Social Skills

Security Engineer Related jobs