Chainguard's Libraries team needs to drive the technical strategy and implementation for their JavaScript ecosystem infrastructure, focusing on secure, reliable, and automated build systems for npm packages and related tooling to expand and maintain coverage over mission-critical JS libraries, advance build automation, and improve vulnerability remediation workflows across the npm package ecosystem.
Requirements
- 8+ years building and maintaining infrastructure for JavaScript/TypeScript package ecosystems (npm) or large-scale open-source projects in a similar domain
- Proven record in building, shipping, and maintaining developer tools – e.g., bundler plugins, CLI tools, code generators, or custom automation pipelines for JS packages
- Deep familiarity with modern JS build tooling: esbuild, Rollup, Webpack, Vite, Bun, SWC, Turbopack, Babel, PostCSS, Rome/Biome, Deno, and the associated tradeoffs between ESM/CJS/modules
- Hands-on experience orchestrating large monorepos (Lerna, Nx, Turborepo or custom setups) and solving infra-scale dependency or module resolution problems in production
- Comfortable working with build system code written in Go (our infra is Go-based), plus solid experience in JavaScript/TypeScript.
- Demonstrated ability to debug and resolve critical infrastructure and package-building failures at scale
- Experience with cloud-native technologies and infrastructure, including containerization (e.g., Docker, Kubernetes), cloud services (e.g., GCP, AWS), infrastructure as code practices (e.g., Terraform).
Responsibilities
- Own technical direction and architecture for JS (npm) ecosystem infrastructure, supporting high-quality and secure build, test, and distribution automation for libraries
- Design, implement, and optimize systems for automated artifact creation, update, validation, vulnerability scanning, remediation, and SBOM and provenance generation for npm packages
- Build and maintain internal developer tools: bundler plugins, CLI utilities, code generators, and meta-tooling that improve the workflows for library and package maintenance
- Develop and debug integrations for modern JS build systems and package managers.
- Solve complex dependency resolution issues, manage monorepo orchestration, and drive improvements in infrastructure automation
- Collaborate with product and engineering leadership to set technical direction, drive roadmap execution, and establish process excellence for scalable package maintenance
- Partner with internal teams (Delivery, Sustaining, Platform, Security) to ensure our JavaScript ecosystem services meet critical SLAs and SLOs
Other
- Mentor, review, and enable other engineers by sharing systems knowledge, debugging strategies, and "meta" tooling insights
- Excellent cross-team communication skills: can collaborate with product, engineering, ops, and security teams; proactively document, mentor, and share lessons learned
- Flexible & Remote-First Culture
- 100% Covered Health Insurance
- ∞ Flexible Time Off
