Stacklok is an innovative software supply chain security startup founded by Kubernetes co-founder, Craig McLuckie and Sigstore founder, Luke Hinds. Our mission is to make it easier to securely develop software. With our deep expertise in open source technologies and commitment to enhancing software security, we are seeking highly skilled and motivated individuals to join our team. This is a rare opportunity to join a startup at an early stage, and to be part of a team that is committed to building something truly innovative and impactful. Learn more about Stacklok’s mission, virtues, and leadership, HERE.
Location
This hybrid-remote role requires on-site work at our London office for three days a week. Our office is conveniently located in WeWork at 1 Mark Square, London, EC2A 4EG.
Elevator Pitch
Stacklok Cloud is a comprehensive security platform that combines open source package intelligence with a policy platform built on the open source project, Minder, allowing developers to securely consume open source software while enabling security teams to effectively manage and maintain a robust security posture across the entire software supply chain.
We are seeking a Software Engineer II to contribute to Trusty, our package intelligence service designed to help developers make safer open source dependency choices (check out the Trusty Demo). This role also involves building and enhancing features and capabilities for Stacklok Cloud.
This role focuses on backend software development, leveraging Go (Golang), Python, and RESTful APIs to expand Trusty’s capabilities by integrating new security signals and developing advanced analytics that give users deeper insights into their security risks and integrated Stacklok Cloud services.
Beyond feature development, this role involves key contributions to DevOps processes, such as deploying with Kubernetes, monitoring performance, and ensuring high standards of reliability and service quality.
If you’re excited about working with forward-thinking technology to strengthen open source security and protect codebases from malicious dependencies, we’d love to hear from you!
Role Success: 6-12 Months Expectations
- Team Integration and Cultural Fit: Build strong connections with team members and embrace our company virtues. Fully integrate into our engineering processes and contribute to a collaborative environment that promotes transparent knowledge-sharing.
- Product and Platform Expertise: Develop a thorough understanding of Stacklok’s products, services, and platform vision. Align your contributions with both immediate and long-term goals, focusing on enhancing Stacklok Insights to deliver valuable experiences for our customers.
- Cloud Architecture and Security Enhancements: Acquire in-depth knowledge of our cloud architecture and key components, prioritizing improvements in security, quality, scalability, and performance.
- Feature Development and Analytics Expansion: Take ownership of designing and implementing high-priority features to advance Trusty and Stacklok Cloud. Create tools that empower customers to assess their Software Bill of Materials (SBOM) and evaluate potential risks while integrating new security signals for enhanced analysis.
- Team work and SDLC working knowledge: Collaborate with team members, advocate for best practices, and deliver quality throughout the Software Development Lifecycle (SDLC). Actively participate in critical DevOps processes, such as Kubernetes deployments and performance monitoring, to ensure reliability and service excellence.
In This Role You Will Have The Opportunity To
- Innovate and Influence: Shape the future of Stacklok by designing and implementing innovative solutions that elevate our platform. Collaborate with end-users and the open source community to create forward-thinking approaches that drive continuous improvement and enhance software supply chain security.
- Enhance Architecture and Performance: Contribute to refining our architectural framework, focusing on scalability, resiliency, and delivery speed. Introduce new processes and automations that optimize workflows and drive operational excellence within the engineering team.
- Collaborate and Cultivate your skills: Collaborate with the engineering teams, fostering a culture of empathy, curiosity, and psychological safety. Conduct code reviews, provide input to designs, and actively participate in strengthening our engineering excellence and capabilities.
- Uphold Quality Standards: Work to high standards of quality across all development efforts by adopting best practices and continuous improvement. Work collaboratively with the team to refine processes and ensure that all deliverables meet our commitment to engineering excellence.
We understand that not everyone will meet every requirement listed, and that’s perfectly okay! We encourage you to apply regardless of your self-assessment. We value a diverse range of skills and experiences and believe that your unique attributes can make a significant impact. We want to hear from you!
Desired Skills & Experience
- Knowledge of design patterns, with the ability to explain design choices and seek feedback to foster continuous improvement.
- Strong programming skills in Golang, along with proficiency in Python, to deliver platform and product capabilities while actively engaging in cross-functional engineering practices.
- Experience developing high-availability and scalable SaaS applications for large user bases.
- Hands-on experience with public cloud platforms, preferably AWS, combined with expertise in production deployment, workflow automation, and system monitoring through CI/CD pipelines and Kubernetes.
- Skilled in developing RESTful APIs, web hooks, and other integrations, with additional expertise in data analysis services and managing relational and graph databases being a plus.
- Solid foundation in testing practices, encompassing unit, integration, and end-to-end testing, to ensure software reliability and optimal performance.
- Knowledge of secure coding practices (e.g., OWASP, SSDF) and familiarity with software supply chain security; open source contributions are a plus.
- Track record of delivering solutions that drive business outcomes; excellent written and verbal communication skills for engaging diverse stakeholders. Committed to being part of a team's growth and continuous improvement.
- Adaptable in dynamic, startup environments, comfortable in varied roles—from individual contributor to conference presenter—and skilled at making technical topics accessible to broad audiences.
#LI-Hybrid
Why Join Us?
At Stacklok, you will be a part of a culture that values open communication, collaboration, and innovation. We offer a competitive salary package and flexible work hours. If you’re a self-motivated and result-driven individual with a passion for designing and building secure, scalable, distributed systems, and you want to be part of the most exciting startup in the secure supply chain space, come and join us!
Stacklok Inc, is proud to be an equal opportunity employer. We are committed to providing equal employment opportunities for all people and place great value in both diversity and inclusiveness. All qualified applicants will be considered for employment without regard to their, or any other person's, perceived or actual race, color, religion, sex, gender, gender identity, gender expression, sexual orientation, national origin, ancestry, citizenship, age, physical or mental disability, medical condition, family care status, or any other basis protected by law.