Chainguard

Principal Product Security Researcher

Chainguard

full-time

Posted on:

Location Type: Remote

Location: United States

Visit company website

Explore more

AI Apply
Apply

Salary

💰 $201,000 - $226,000 per year

Job Level

Lead

About the role

  • Own the product security research agenda for Chainguard scanning the broader ecosystem, identifying emerging attack patterns, and translating them into clear risks and opportunities for Chainguard and our customers.
  • Shape security direction across products and platforms, partnering closely with Product, Engineering, and Security leadership to embed your findings into roadmaps, architecture decisions, and long-term plans.
  • Operate as someone who sees the whole ecosystem, spots issues early, and helps others navigate with confidence (and just enough healthy paranoia).
  • Research emerging threats & trends in software supply chain and product security, and analyze their impact on Chainguard’s products and customers.
  • Design creative mitigations across people, process, and technology not just proof-of-concept demos, but pragmatic defenses that actually get adopted.
  • Lead large-scale, multi-quarter initiatives that materially reduce risk or improve our security maturity across multiple product lines and platforms.
  • Partner with executive and senior engineering leadership to drive org-level security strategy, influence key roadmap decisions, and secure buy-in for big, complex changes.
  • Identify systematic weaknesses (in systems, structures, and sometimes habits) and develop plans that fix root causes in ways that persist long after you’ve moved on to the next hard problem.
  • Mentor and uplevel others across Product Security and Engineering by helping teams think more strategically about threats, risk, and long-term security posture.
  • Represent Chainguard externally through talks, conferences, and thought leadership, sharing what we’re learning and helping move the industry forward.

Requirements

  • Bring deep experience in product or application security, with a track record of leading research or threat-focused work that drove clear, company-level outcomes.
  • Have expert knowledge across multiple domains such as secure architecture, application/product security, software supply chain, and org-level risk management and you know how to balance security, velocity, and reliability.
  • Are comfortable owning ambiguous, cross-functional problems and turning them into structured, prioritized initiatives that ship and stick.
  • Have a proven ability to present complex ideas to executive stakeholders, gaining alignment and driving decision-making at the highest levels.
  • Stay at the cutting edge of industry trends, tooling, and research methods not just reading the latest papers, but putting them into practice in a pragmatic way.
  • Work independently and with high ownership, while still being a generous collaborator who brings others along for the ride.
  • Are comfortable in fast-evolving, uncertain contexts and can build structure.
Benefits
  • Flexible & Remote-First Culture: Work remotely with team meetup opportunities, bi-annual destination summits, and a monthly stipend for coworking spaces, phone and internet costs.
  • Our Approach to Equity: Receive stock options upon hire and promotion. Plus, you can participate in secondary offerings and have 10 years to exercise your options (yes, you read that correctly: 10 years!).
  • 100% Covered Health Insurance: We cover 100% of your health, vision and dental insurance premiums for you and your dependents. Nothing comes out of your paycheck.
  • ∞ Flexible Time Off: Take the time you need – to do our best work, we need to recharge and reset.
  • 18 Weeks Paid Parental Leave: We offer 18 weeks for birthing parents and 12 weeks for non-birthing parents, with the option to use it all at once or throughout your child's first year.
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
product securityapplication securitysecure architecturesoftware supply chainrisk managementthreat researchsecurity maturitymitigation designcomplex problem solvingstrategic thinking
Soft Skills
leadershipcollaborationcommunicationmentoringinfluencingpresentation skillsownershipadaptabilitycritical thinkingproblem-solving