Principal Product Security Researcher

The role, in a nutshell

Chainguard prioritizes our customers’ security above all else, which means preparing not just for the attacks of today, but for those of tomorrow as well. In this Principal-level role, you’ll:

• Own the product security research agenda for Chainguard scanning the broader ecosystem, identifying emerging attack patterns, and translating them into clear risks and opportunities for Chainguard and our customers.
• Shape security direction across products and platforms, partnering closely with Product, Engineering, and Security leadership to embed your findings into roadmaps, architecture decisions, and long-term plans.
• Operate as someone who sees the whole ecosystem, spots issues early, and helps others navigate with confidence (and just enough healthy paranoia).

If you enjoy turning ambiguous, fast-moving threat intel into concrete, multi-quarter plans that change how a company operates, this is your playground.

What you’ll do:

• Research emerging threats & trends in software supply chain and product security, and analyze their impact on Chainguard’s products and customers.
• Design creative mitigations across people, process, and technology not just proof-of-concept demos, but pragmatic defenses that actually get adopted.
• Lead large-scale, multi-quarter initiatives that materially reduce risk or improve our security maturity across multiple product lines and platforms.
• Partner with executive and senior engineering leadership to drive org-level security strategy, influence key roadmap decisions, and secure buy-in for big, complex changes.
• Identify systematic weaknesses (in systems, structures, and sometimes habits) and develop plans that fix root causes in ways that persist long after you’ve moved on to the next hard problem.
• Mentor and uplevel others across Product Security and Engineering by helping teams think more strategically about threats, risk, and long-term security posture.
• Represent Chainguard externally through talks, conferences, and thought leadership, sharing what we’re learning and helping move the industry forward.

You might be a great fit if you:

• Bring deep experience in product or application security, with a track record of leading strategic security initiatives.