Security Engineer, Governance and Trust
Chainguard is seeking a Security Engineer to join its Governance & Trust (G&T) team, focusing on automating and enhancing governance processes to ensure a secure software supply chain. This role offers an opportunity to build foundational systems from the ground up, contributing to the company's mission of making software supply chains secure by default.
The Security Engineer will design and implement Git/GitHub repositories for controls, assets, and risk scenarios, establish a trust data lake using platforms like Google BigQuery, and automate control evidence collection. Additionally, the role involves transitioning a Python-based risk engine from prototype to production, collaborating with engineering teams to integrate governance into the platform, and leveraging AI tools to enhance analysis and automation.
Candidates should have 1–3 years of experience in data engineering, analytics, security engineering, or similar technical roles. Proficiency with Git/GitHub workflows, Python scripting, Bash or similar shell scripting, and SQL is essential. Experience with data wrangling, ETL concepts, and a strong analytical mindset are also required. Effective collaboration and communication skills in a remote setting are important, along with a willingness to learn and adapt to new tools and patterns.
Chainguard offers a flexible, remote-first culture with opportunities for team meetups and bi-annual destination summits. Employees receive stock options upon hire and promotion, with a 10-year window to exercise options. The company covers 100% of health, vision, and dental insurance premiums for employees and their dependents. Additional benefits include flexible time off and 18 weeks of paid parental leave for birthing parents, with 12 weeks for non-birthing parents.
At Chainguard, the company values customer obsession, intentional action, a balance between serious work and enjoyment, and a culture of trust and transparency. Employees are encouraged to prioritize, plan, experiment, and learn from failures, all while maintaining a focus on delivering solutions that create value for customers.