Security Engineer, Governance and Trust

Chainguard is the trusted source for open source. By delivering hardened, secure, and production-ready builds of all the open source software engineers and AI agents rely on, Chainguard helps organizations build faster, stay compliant, and eliminate risk. Our customers include Fortune 500 enterprises and global industry leaders, including Anduril, Canva, Fortinet, Hewlett Packard Enterprise, OpenAI, Snap Inc., and Snowflake. Chainguard is venture-backed by leading investors, including Amplify, IVP, Kleiner Perkins, Lightspeed Venture Partners, Mantis VC, Redpoint Ventures, Sequoia Capital, and Spark Capital. Security Engineer (Governance Trust) Tired of checkbox compliance and audit spreadsheets? Want to build modern governance and trust as code instead of chasing tickets? Come help us do exactly that. At Chainguard, we’re on a mission to make the software supply chain secure by default. Our Governance Trust (GT) team is building the data, automation, and tooling that lets us prove we’re doing what we say we’re doing without slowing builders down. This role is a chance to build those foundations from scratch at an early stage in your career, with plenty of support and real impact. The role As a Security Engineer (Governance Trust), you’re stable, growing fast, and ready to stretch into more ownership with guidance when you need it. You’ll partner closely with our Cyber Resiliency and Product Security teams to: Build the Git/GitHub backbone for our controls, assets, and risk scenarios Stand up a trust data lake (likely in Google BigQuery) and the pipelines that feed it Automate control evidence collection and other “governance as code” workflows Help move a Python-based risk engine from prototype into production This is an engineering-flavored governance role for someone who likes data, automation, and critical thinking more than writing policy decks. What you’ll do Design and wire up repositories in Git/GitHub for controls, assets, and risk scenarios so they’re versioned, reviewable, and automation-friendly Build ingest ETL pipelines into a trust data lake (e.g., BigQuery) to pull in signals from systems across Chainguard Automate control evidence collection Productionize a Python risk engine, turning a working prototype into something reliable, observable, and maintainable Use Python, Bash, and SQL to wrangle data, stitch systems together, and eliminate repetitive work Partner with engineering teams to make governance and trust part of the platform Lean on and extend AI tooling (including orchestration frameworks like LangChain or LangGraph) to speed up analysis, data work, and automation Contribute to a remote-first, low-ego team culture where feedback flows freely and we optimize for outcomes, not theatrics You’ll have clear ownership of meaningful pieces of the system, with a manager and teammates who’ll help you prioritize and grow your scope over time. What you’ll bring We don’t expect you to have done this exact job before, but you’ll succeed here if you have: 1–3 years of experience in a relevant area: data engineering, analytics, security engineering, SRE, or similar hands-on technical role Comfortable with Git/GitHub and modern software workflows (branches, PRs, code review, CI, etc.) Practical experience with: Python for scripting and small tools Bash or similar shell scripting SQL for querying and joining data (nothing exotic—solid fundamentals go a long way) Some exposure to data wrangling and ETL concepts (pipelines, schemas, making messy data usable) A critical, analytical mindset: you care about the “why,” not just the “what,” and you’re comfortable zooming from big picture into the weeds Genuine curiosity and learning mindset: you like picking up new tools and patterns, especially around security, risk, and data Strong collaboration and communication skills in a remote setting: clear writing, proactive updates, low ego Comfort using AI tools (ChatGPT, Claude, etc.) day-to-da ... (truncated, view full listing at source)