Sr. Software Engineer (Security)

Role: Sr. Software Engineer (Security)

Reports to: Manager, Engieering

Department: Product and Engineering

Location: Remote- US, Canada, UK, Germany

Job Type: Full Time, Exempt

Help us Deliver Technology for Human Sensemaking 

Anaconda is the world’s most popular data science platform. With more than 26 million users, the open source Anaconda Distribution is the easiest way to do data science and machine learning. We pioneered the use of Python for data science, champion its vibrant community, and continue to steward open-source projects that make tomorrow’s innovations possible. Our enterprise-grade solutions enable corporate, research, and academic institutions around the world to harness the power of open source for competitive advantage and groundbreaking research.

Anaconda is seeking people who want to play a role in shaping the future of enterprise machine learning, and data science. Candidates should be knowledgeable and capable, but always eager to learn more and to teach others. Overall, we strive to create a culture of ability and humility and an environment that is both relaxed and focused. We stress empathy and collaboration with our customers, open-source users, and each other. 

Here is why people love most about working here: We’re not just a company, we’re part of a movement. Our dedicated employees and user community are democratizing data science and creating and promoting open-source technologies for a better world, and our commercial offerings make it possible for enterprise users to leverage the most innovative output from open source in a secure, governed way.

Summary

Anaconda is seeking a talented Sr. Software Engineer (Security) to join our rapidly-growing company focusing on the government vertical. This is an excellent opportunity for you to leverage your skills and apply it to the world of data science and machine learning.

What You’ll Do:

• Secure the software supply chain in the conda ecosystem, starting from upstream open-source packages, to the build process, to the package manager (conda), to installation and environment management.
• Identify gaps in our security and work with the product teams to implement mitigation.
• Keep up to speed with security best practices and trends and advise company leadership on approaches to implement
• Help Anaconda be a leader in securing packages.
• Work with product teams to implement security features and initiatives.
• Be available to advise product teams and architects that need feedback on potential security issues.
• Coordinate with external security groups like OpenSSF, The Update Framework, etc. on software supply chain security efforts and best practices.
• Be a voice to drive security best practices at the company with presentations, training, etc.

What You Need:

• Knowledgeable about three or more of the following: Cryptography, package building / packaging life cycle, package security, cryptographic signature schemes, SLSA or similar frameworks for assessing supply chain security, key management / PKI, application security.
• A history of working with dev teams to deliver working, tested software
• Experience with the full SDLC including code reviews, testing, and source control best practices.
• Experience leading larger initiatives. 
• Willingness to help
• Desire to learn and teach others around you
• Experience creating threat models and effectively delivering results to high level stakeholders
• Demonstrated flexibility, organization and self-motivation
• Team attitude: “I am not done, until WE are done”
• Embody our core values:
• Ability & Humility
• Innovation & Action
• Empathy & Connection

What Will Make You Stand Out:

• Worked in packaging, updater, or SBOM security
• Worked in packaging, updater, or SBOM securityWorked with the following orgs, initiatives, or projects: SigStore, TUF, Notary Project, OWASP, SLSA, OpenSSF
• Previous work auditing package managers

Why You’ll Like Working Here:

• Unique opportunity to translate strong open source adoption and user enthusiasm into commercial product growth
• Dynamic company that rewards high performers
• On the cutting edge of enterprise application of data science, machine learning and AI
• Collaborative team environment that values multiple perspectives and clear thinking
• Employees-first culture
• Flexible working hours
• Medical, Dental, Vision, HSA, Life and 401K (US based)
• Health and Remote working reimbursement 
• Paid parental leave - both mothers and fathers
• Pre-IPO stock options
• Open vacation policy and monthly company days off known as Snake Days
• 100% remote and flexible working policy – we embrace this fully through how we operate as a company.

An Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability.