Facebook pixel

Sr. Software Engineer
Confirmed live in the last 24 hours
Canada • Remote • United Kingdom • United States
Experience Level
  • Knowledgeable about three or more of the following: Cryptography, package building / packaging life cycle, package security, cryptographic signature schemes, SLSA or similar frameworks for assessing supply chain security, key management / PKI, application security
  • A history of working with dev teams to deliver working, tested software
  • Experience with the full SDLC including code reviews, testing, and source control best practices
  • Experience leading larger initiatives
  • Willingness to help
  • Desire to learn and teach others around you
  • Experience creating threat models and effectively delivering results to high level stakeholders
  • Demonstrated flexibility, organization and self-motivation
  • Team attitude: “I am not done, until WE are done”
  • Embody our core values:
  • Ability & Humility
  • Innovation & Action
  • Empathy & Connection
  • Secure the software supply chain in the conda ecosystem, starting from upstream open-source packages, to the build process, to the package manager (conda), to installation and environment management
  • Identify gaps in our security and work with the product teams to implement mitigation
  • Keep up to speed with security best practices and trends and advise company leadership on approaches to implement
  • Help Anaconda be a leader in securing packages
  • Work with product teams to implement security features and initiatives
  • Be available to advise product teams and architects that need feedback on potential security issues
  • Coordinate with external security groups like OpenSSF, The Update Framework, etc. on software supply chain security efforts and best practices
  • Be a voice to drive security best practices at the company with presentations, training, etc
Desired Qualifications
  • Worked in packaging, updater, or SBOM security
  • Worked in packaging, updater, or SBOM securityWorked with the following orgs, initiatives, or projects: SigStore, TUF, Notary Project, OWASP, SLSA, OpenSSF
  • Previous work auditing package managers
Open-source data platform for Python
Company Overview
Anaconda is the most trusted Python data science platform with more than 15 million users and 150+ enterprise customers.