Manager, Product Security

Summary

Join Chainguard's Product Security team as a manager, leading and growing the Product Security practice. You will ensure all Chainguard products are built with security as a core principle. Manage a team of product security engineers, drive impactful initiatives, and collaborate cross-functionally to integrate security measures into the software development lifecycle. Lead security initiatives, develop a deep understanding of Chainguard products, and contribute to the long-term security strategy. Collaborate with product and engineering teams, design internal collateral, and serve as an escalation point for security incidents. The role requires extensive experience in secure coding, DevSecOps, Agile methodologies, and various programming languages.

Requirements

• Secure Coding and DevSecOps Initiatives: Experience in implementing and leading DevSecOps initiatives, frameworks, and tools used for SCA, SAST, CNAPP, threat enrichment, etc
• Agile Methodologies: Experience with Agile development/Scrum methodologies and incorporating security requirements into the SDLC (CI/CD) with product owners
• Programming and Deployment: Experience in managing programs supporting secure code and software deployments in various languages (Python, Node.js, C#, .NET, JavaScript, Go, Ruby, GraphQL, SDK, and RESTful API design/development)
• Technical Expertise and Industry Standards Knowledge: Extensive experience in secure code reviews, business logic assessments, and application security testing. Deep understanding of network, data, and cloud security principles; and Expert knowledge of security principles, standards, and best practices, such as OWASP, NIST, FedRAMP, ISO, etc
• You have 10+ years of software or security engineering experience, including supporting multiple teams and complex org-wide initiatives
• You can lead projects, mentor team members, and provide technical leadership
• You stay current on emerging security threats and technologies, proactively identifying areas for improvement and drive initiatives to enhance the security posture of our products

Responsibilities

• Lead, manage, coach, and develop a team of Security professionals responsible for Product Security in all Chainguard products
• Lead Product Security initiatives, ensuring alignment with organizational goals and objectives
• Develop a broad and deep technical understanding of the services and architectures pertaining to Chainguard products. Contribute to the short and long-term security strategy to ensure that products are designed and built securely by design while improving the secure software development life-cycle (SSDLC)
• Lead new, reoccurring, or ah-hoc security initiatives with end-to-end ownership. Participate in security escalations
• Collaborate with product and engineering teams to ensure security is integrated into all aspects of the Chainguard products
• Design and deliver internal collateral, author internal processes,, and contribute to thought‑leadership content to deepen security fluency across Chainguard and among our customers
• Serve as an escalation point for critical security incidents and ensure timely remediation

Benefits

• Flexible & Remote-First Culture: Work remotely with team meetup opportunities, bi-annual destination summits, and a $400 monthly stipend for coworking spaces, phone and internet costs
• Our Approach to Equity: Receive stock options upon hire and promotion. Plus, you can participate in secondary offerings and have 10 years to exercise your options (yes, you read that correctly: 10 years!)
• 100% Covered Health Insurance: We cover 100% of your health, vision and dental insurance premiums for you and your dependents. Nothing comes out of your paycheck
• ��� Flexible Time Off: Take the time you need – to do our best work, we need to recharge and reset
• 18 Weeks Paid Parental Leave: We offer 18 weeks for birthing parents and 12 weeks for non-birthing parents, with the option to use it all at once or throughout your child's first year