Principal Product Security Researcher

🕒 2 days ago

🇺🇸 United States – Remote

💵 $201k - $226k / year

⏰ Full Time

🔴 Lead

👮‍♂️ Cybersecurity / Security Engineer

🦅 H1B Visa Sponsor

This company has sponsored H1B visas in the past.

Apply Now

Find Similar Remote Jobs

Receive Emails For Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Upload Resume

Chainguard

WebsiteLinkedInAll Job Openings

51 - 200 employees

Founded 2021

🔐 Security

☁️ SaaS

🔒 Cybersecurity

Security • SaaS • Cybersecurity

Chainguard is a company that specializes in building secure container images to enhance software security and compliance. Their products include low-to-zero CVE container images, which are updated daily to maintain security and compliance standards such as FedRAMP, NIST 800-53, PCI-DSS, SOC2, and CIS benchmarks. Chainguard focuses on reducing vulnerabilities, automating compliance, and supporting development workflows without compromising on innovation and productivity. The company serves a wide range of industries, including highly regulated sectors, by providing hardened image solutions to mitigate software supply chain risks and enhance application security.

📋 Description

• Own the product security research agenda for Chainguard scanning the broader ecosystem, identifying emerging attack patterns, and translating them into clear risks and opportunities for Chainguard and our customers. • Shape security direction across products and platforms, partnering closely with Product, Engineering, and Security leadership to embed your findings into roadmaps, architecture decisions, and long-term plans. • Operate as someone who sees the whole ecosystem, spots issues early, and helps others navigate with confidence (and just enough healthy paranoia). • Research emerging threats & trends in software supply chain and product security, and analyze their impact on Chainguard’s products and customers. • Design creative mitigations across people, process, and technology not just proof-of-concept demos, but pragmatic defenses that actually get adopted. • Lead large-scale, multi-quarter initiatives that materially reduce risk or improve our security maturity across multiple product lines and platforms. • Partner with executive and senior engineering leadership to drive org-level security strategy, influence key roadmap decisions, and secure buy-in for big, complex changes. • Identify systematic weaknesses (in systems, structures, and sometimes habits) and develop plans that fix root causes in ways that persist long after you’ve moved on to the next hard problem. • Mentor and uplevel others across Product Security and Engineering by helping teams think more strategically about threats, risk, and long-term security posture. • Represent Chainguard externally through talks, conferences, and thought leadership, sharing what we’re learning and helping move the industry forward.

🎯 Requirements

• Bring deep experience in product or application security, with a track record of leading research or threat-focused work that drove clear, company-level outcomes. • Have expert knowledge across multiple domains such as secure architecture, application/product security, software supply chain, and org-level risk management and you know how to balance security, velocity, and reliability. • Are comfortable owning ambiguous, cross-functional problems and turning them into structured, prioritized initiatives that ship and stick. • Have a proven ability to present complex ideas to executive stakeholders, gaining alignment and driving decision-making at the highest levels. • Stay at the cutting edge of industry trends, tooling, and research methods not just reading the latest papers, but putting them into practice in a pragmatic way. • Work independently and with high ownership, while still being a generous collaborator who brings others along for the ride. • Are comfortable in fast-evolving, uncertain contexts and can build structure.

🏖️ Benefits

• Flexible & Remote-First Culture: Work remotely with team meetup opportunities, bi-annual destination summits, and a monthly stipend for coworking spaces, phone and internet costs. • Our Approach to Equity: Receive stock options upon hire and promotion. Plus, you can participate in secondary offerings and have 10 years to exercise your options (yes, you read that correctly: 10 years!). • 100% Covered Health Insurance: We cover 100% of your health, vision and dental insurance premiums for you and your dependents. Nothing comes out of your paycheck. • ∞ Flexible Time Off: Take the time you need – to do our best work, we need to recharge and reset. • 18 Weeks Paid Parental Leave: We offer 18 weeks for birthing parents and 12 weeks for non-birthing parents, with the option to use it all at once or throughout your child's first year.