Chainguard is looking to solve the problem of insecure open source software by providing minimal, zero-CVE container images and software artifacts that are always fresh and resilient. The sustaining engineering team aims to build software that makes vulnerabilities extinct, rather than just patching them.
Requirements
- 4+ years writing code in DevOps or software development—bonus points for serious Linux packaging experience (APK, DEB, RPM), debugging mastery, and the stamina to run solo when it counts.
- You don’t just build and debug images—you think in them.
- Deploy with plain manifests, Helm, or Kustomize.
- You create modules like LEGO—reusable, logical, and awesome.
- Fluent in at least one language (your Go, Python, C, or C++ memes always impress).
- You're a familiar face in the open-source crowd or a rising community leader.
- You have hands-on experience with vulnerability management and remediation.
Responsibilities
- Triage, chase down, and smash CVE’s, then dial up automation so those issues don’t come back.
- Get hands-on with melange, apko, Wolfi OS, and the Chainguard Images catalog—our open-source foundation that strips out bloat (and bugs) from containers.
- Build new Linux packages (APKs) and container images, and watch your handiwork shine in real-world cloud applications.
- Sync early and often with project managers and teammates around the world.
- Mentor engineers globally, leave your mark on the community, and become someone’s “you should talk to them.”
- Bring your passion for testing and automation so we can ship with confidence—and maybe brag a little, too.
Other
- English is no barrier.
- We’re all about DevOps tools for build and test, not wrangling infrastructure.
- You geek out over distroless containers and supply chain security.
- Flexible & Remote-First Culture
- 100% Covered Health Insurance
