Principal Product Security Researcher
Chainguard · UK
Job Description
Chainguard is seeking a Principal Product Security Researcher to lead our product security research function. You will be instrumental in shaping the future threat landscape, ensuring our customers sleep soundly. This role is ideal for someone who thrives on turning ambiguous threat intelligence into concrete, actionable strategies that drive company-wide security improvements.
About the Role
As a Principal Product Security Researcher, you will own the product security research agenda for Chainguard. Your primary focus will be scanning the broader ecosystem to identify emerging attack patterns and translating these insights into clear risks and opportunities for Chainguard and its customers. You will influence security direction across our products and platforms by partnering closely with Product, Engineering, and Security leadership, embedding your findings into roadmaps, architectural decisions, and long-term strategic plans.
What You’ll Do
- Research emerging threats and trends in software supply chain and product security, analyzing their impact on Chainguard's products and customers.
- Design pragmatic, creative mitigations across people, process, and technology that go beyond proof-of-concept demonstrations to achieve actual adoption.
- Lead large-scale, multi-quarter initiatives aimed at materially reducing risk and improving security maturity across multiple product lines and platforms.
- Partner with executive and senior engineering leadership to drive organizational security strategy, influence key roadmap decisions, and gain buy-in for complex changes.
- Identify systematic weaknesses in systems, structures, and habits, developing plans to address root causes effectively and sustainably.
- Mentor and upskill teams within Product Security and Engineering, fostering a more strategic approach to threats, risk, and long-term security posture.
- Represent Chainguard externally through talks, conferences, and thought leadership, sharing learnings and contributing to industry advancement.
Requirements
- Deep experience in product or application security, with a proven track record of leading research or threat-focused initiatives that delivered clear, company-level outcomes.
- Expert knowledge across multiple domains including secure architecture, application/product security, software supply chain, and organizational risk management, with a strong ability to balance security, velocity, and reliability.
- Comfort in owning ambiguous, cross-functional problems and transforming them into structured, prioritized initiatives that are successfully implemented.
- Proven ability to present complex ideas to executive stakeholders, achieving alignment and driving decision-making at the highest levels.
- Keen awareness of industry trends, tooling, and research methods, with a practical approach to applying new knowledge.
- Ability to work independently with high ownership, while also being a collaborative team player.
- Comfort operating in fast-evolving, uncertain environments and building structure where needed.
About Chainguard
Chainguard is the trusted source for open source software, delivering hardened, secure, and production-ready builds that help organizations build faster, stay compliant, and eliminate risk. We are venture-backed by leading investors and serve Fortune 500 enterprises and global industry leaders.
Our values guide our work: customer obsession, a bias for intentional action, not taking ourselves too seriously, and trusting each other.
What We Offer
- Flexible & Remote-First Culture: Work remotely with opportunities for team meetups, bi-annual destination summits, and a monthly stipend for coworking, phone, and internet.
- Equity: Receive stock options upon hire and promotion, with 10 years to exercise.
- Comprehensive Health Insurance: 100% of health, vision, and dental insurance premiums covered for you and your dependents.
- Unlimited Flexible Time Off: Take the time you need to recharge and do your best work.
- Generous Paid Parental Leave: 18 weeks for birthing parents and 12 weeks for non-birthing parents.
We encourage applications from candidates with diverse backgrounds and experiences. Chainguard is an equal opportunity employer.