Job Title: Wolfi Package & Container Maintainer

Salary Range: €84,000 - €104,000 EUR

Location Type: Remote (Europe or India strongly preferred)

Employment Type: Full-time

---

Position Overview

Chainguard is seeking a passionate engineer to help sustain and scale Wolfi, our community-driven, minimal, and security-centric Linux distribution. You will be part of a fast-moving, collaborative team responsible for maintaining and evolving the packages and containers that form Wolfi and our hardened container images. Your work will involve CVE remediation, debugging build issues, and ensuring the security and reliability of our software supply chain offerings.

---

Responsibilities

• Patching and Vulnerability Remediation: Create and maintain patches to address vulnerabilities (CVEs) across Linux packages and container images.
• Debugging and Issue Resolution: Debug and resolve issues related to package builds, image construction, and related processes.
• Package and Image Building: Utilize internal tooling (melange and apko) to build and publish new packages and images.
• Quality Improvement: Enhance the quality, reliability, and test coverage of existing packages and images.
• Backlog Management: Address a well-groomed backlog of issues and enhancements in collaboration with other teams.
• Cross-team Collaboration: Work closely with engineers across packaging, infrastructure, security, and product teams to deliver high-quality, secure software.

---

Requirements

• Location: Preference for candidates located in Europe or India.
• Linux Expertise: 2-3 years of hands-on experience with Linux systems and package ecosystems (e.g., APK, RPM).
• Containerization: Experience building and debugging container images, with a solid understanding of Kubernetes and Helm.
• Infrastructure Awareness: Familiarity with infrastructure-as-code tooling like Terraform.
• Programming Skills: Proficiency in at least one programming language (Go is frequently used).
• Debugging Skills: Strong debugging instincts, comfort with ambiguity, and patience for tracking down edge cases.
• Quality Focus: A commitment to secure, reproducible builds and meticulous attention to detail.

---

Bonus Points

• Active participation in open-source communities, particularly Linux distributions or container technologies.
• Experience with vulnerability remediation and software supply chain security.
• Experience with or interest in next-generation build systems.

---

Why You'll Love Working Here

• Impactful Work: Contribute to the foundation of safer software infrastructure used globally.
• Remote Flexibility: Work from anywhere, as part of a globally distributed team valuing flexibility and asynchronous collaboration.
• Collaborative Culture: An environment that prioritizes impact over titles, taking work seriously but not ourselves.
• Fast-Paced Environment: Operate in a high-trust setting emphasizing autonomy, ownership, and accountability.
• Meaningful Mission: Join us in securing software supply chains by default, starting at the package level.

---

Explore Our Projects

• Wolfi: wolfi.dev
• Melange: melange
• Apko: apko

---

About Us

Chainguard provides the secure foundation for software development and deployment. We help organizations eliminate software supply chain threats by delivering guarded open-source software, built from source and continuously updated. Founded by leading experts in open-source software, security, and cloud-native development, Chainguard has built the largest library of open-source software that is secure by default. Our mission is to make software supply chains secure by default.

---

Application Instructions

If you are excited about securing modern infrastructure foundations and enjoy working with build scripts, patches, and test logs, we encourage you to apply.