Skip to content
ChainguardChainguardUnited States

Senior Product Security Engineer

Senior security engineer embedded in product development to build secure CI/CD pipelines, enforce supply chain controls, and harden Kubernetes workloads on GCP/AWS. Requires 5+ years experience, strong Go/Python skills, and deep Kubernetes and cloud security expertise.

157k – 184k
Remote5+ YOESecurity Engineering

About the role

What you’ll do

Build & Harden Secure Pipelines

  • Design, build, and maintain secure CI/CD pipelines with security gates that catch issues before they reach production.
  • Systematically, consistently and automatically capture the risk exposure of Chainguard's products.
  • Implement and enforce software supply chain security controls: signed artifacts, SBOMs, provenance attestation (SLSA, Sigstore / Cosign).
  • Proactively identify emerging customer security needs, and build solutions to meet these.

Cloud-Native Product Hardening

  • Lead security architecture reviews and threat models for Kubernetes-based workloads running on GCP and AWS.
  • Harden container images, Kubernetes cluster configurations, and cloud IAM postures — minimising attack surface across our product stack.
  • Define and drive adoption of baseline security standards: pod security standards, network policies, workload identity, secrets management.
  • Evaluate and operationalise CNAPP / CSPM tooling to maintain continuous visibility into cloud-native risk.

What we're looking for

Required

  • 5+ years in software engineering, security engineering, or a combined role with meaningful hands-on security responsibility throughout.
  • Strong proficiency in Go or Python, with the ability to write, review, and debug production-quality code.
  • Deep, hands-on experience with Kubernetes in production (cluster hardening, RBAC, network policies, admission controllers).
  • Practical expertise with GCP and/or AWS: IAM, workload identity, secrets management, security services (e.g., GCP Security Command Center, AWS Security Hub).
  • Proven track record designing and securing CI/CD pipelines (GitHub Actions, Cloud Build, Tekton, or similar).
  • Fluency with container security: image scanning, distroless/minimal base images, runtime security.
  • Experience with software supply chain security tooling and frameworks (Sigstore, SLSA, SBOM generation).
  • Solid understanding of OWASP, NIST, and cloud security frameworks and how to apply them pragmatically.

Nice to Have

  • Familiarity with Chainguard Images or other minimal/hardened container base image ecosystems.
  • Experience with policy-as-code tools (OPA, Kyverno, Conftest).
  • Contributions to open source security projects.
  • Background in security research or offensive security (bug bounty, CTF, penetration testing).

Compensation & Benefits

  • Base Salary Range: $157,000—$184,000 USD
  • Flexible & Remote-First Culture: Work remotely with team meetup opportunities, bi-annual destination summits, and a monthly stipend for coworking spaces, phone and internet costs.
  • Our Approach to Equity: Receive stock options upon hire and promotion. Plus, you can participate in secondary offerings and have 10 years to exercise your options.
  • 100% Covered Health Insurance: We cover 100% of your health, vision and dental insurance premiums for you and your dependents.
  • ∞ Flexible Time Off: Take the time you need – to do our best work, we need to recharge and reset.
  • 18 Weeks Paid Parental Leave: We offer 18 weeks for birthing parents and 12 weeks for non-birthing parents, with the option to use it all at once or throughout your child's first year.

Skills

GoPythonKubernetesGCPAWSIAMCI/CDGitHub ActionsCloud BuildTektonContainer SecuritySigstoreSlsaSbomOwasp
1Password

Senior Security Engineer, Detection and Response

1PasswordUnited States

Senior Security Engineer builds threat detections, leads incident response, and automates security operations in cloud/SaaS environments. Requires 5+ years experience with SIEM, SOAR, Python, AWS/GCP.

156k – 210k
Remote5+ YOESecurity Engineering
Pinterest

Sr. Security Software Engineer, Application Security

PinterestChicago, IL

Build security tooling and enhancements to protect Pinterest's platform and users, focusing on secure development lifecycle, assessments, and AI threat mitigation. Requires 5+ years in application/product security and Python proficiency.

156k – 320k
Remote5+ YOESecurity Engineering
Lumin Digital

Sr. Application Security Engineer

Lumin DigitalUnited States

Hands-on technical leader securing a B2B2C SaaS platform across the SDLC with deep expertise in application security, AI-augmented workflows, cloud-native security, and LLM-specific threat mitigation.

155k – 175k
Remote7+ YOESecurity Engineering
Metropolis

Senior Security Engineer, Infrastructure & Network Security

MetropolisLos Angeles, CA

Lead AWS and network security infrastructure, zero-trust initiatives, and cloud automation for enterprise environments. Requires strong AWS, networking, IAM, and scripting experience.

160k – 215k
On-site5+ YOESecurity Engineering
Commure

Senior Software Engineer, Information Security

CommureMountain View, CA

Senior Software Engineer architects scalable detection frameworks, integrates threat intelligence into automated security pipelines, and builds AI-driven security operations using Python, Java, and tools like Splunk and AWS. Requires 6+ years experience, bachelor's in CS/cybersecurity, and expertise in SIEMs, cloud security, and compliance.

160k – 190k
Hybrid6+ YOESecurity Engineering