← Zurück zur Liste
Stelle · Senior

Senior Security Engineer, Docker Desktop

Security Engineer • Senior • Remote • Vollzeit • 📍 Canada

Docker is looking for a Senior Security Engineer embedded in the Desktop engineering team to own the security posture of a complex, cross-platform product sitting at the intersection of identity, OCI runtimes, and Linux kernel internals. You will be the team's primary security voice, reviewing features and code before they ship, partnering with the central security organization, and serving as the first line of triage for reported vulnerabilities. It is a hands-on engineering role for someone who thinks in threat models and communicates clearly with both product engineers and security specialists.

Responsibilities

  • Partner with engineering and product teams throughout the development lifecycle to identify security risks early, from design review through code review and release
  • Conduct threat modeling and security design reviews for new and evolving features, focusing on authentication, authorization, and container runtime security
  • Serve as the team's primary liaison to the central security group, attending security syncs and translating policy into practical engineering decisions
  • Act as first point of contact for vulnerability reports and CVEs: validate severity, reproduce issues, coordinate disclosure timelines, and drive remediation
  • Review Go code with a security mindset, identifying privilege escalation, insecure defaults, injection risks, and improper credential handling
  • Contribute security-focused improvements directly to the codebase where appropriate
  • Develop and maintain internal security documentation, guidelines, and runbooks
  • Stay current on the Linux security landscape for containers: namespaces, cgroups, seccomp, AppArmor, capabilities, and the evolving OCI ecosystem
  • Participate in an on-call rotation as needed, including evenings, weekends, and holidays

Requirements

  • 6+ years of experience in security engineering, application security, or a closely related discipline, with a track record at senior or staff level
  • Strong proficiency in Go, with the ability to review and contribute to production-grade code
  • Deep understanding of Linux fundamentals relevant to container security: namespaces, cgroups, capabilities, seccomp profiles, AppArmor/SELinux, rootless containers, privilege boundaries
  • Solid grasp of OCI specifications and container runtime security (e.g. runc, containerd, BuildKit)
  • Hands-on experience with identity and access management: OAuth 2.0, OIDC, token handling, and auth flows in desktop or cloud-adjacent contexts
  • Experience performing security design reviews, threat modeling, and secure development workflows
  • Familiarity with vulnerability management: CVE triage, CVSS scoring, coordinated disclosure, working with external reporters

Soft skills

Strong written and verbal communication skillsComfort bridging the gap between a dedicated security team and a product engineering teamThinking in threat models

What we offer

  • Freedom and flexibility to fit work around your life
  • Designated quarterly Whaleness Days plus an end-of-year Whaleness break
  • Home office setup
  • 16 weeks of paid parental leave (after 6 months of employment)
  • Technology stipend equivalent to $100 USD net/month
  • PTO plan that encourages taking time off
  • Training stipend for conferences, courses, and classes
  • Equity in a growing start-up
  • Docker swag
  • Medical benefits, retirement, and holidays varying by country
  • Remote-first culture with offices in Seattle and Paris
  • Visa sponsorship considered on a case-by-case basis

About the company

Docker is one of the most loved brands in developer tooling, trusted by more than 20 million monthly users with over 20 billion container image pulls. Developers rely on Docker Desktop, Docker Hub, and Docker Scout to build, share, and run applications. Docker is a globally distributed, remote-first team providing the sandboxed environments, verified images, and secure infrastructure that make autonomous AI workflows trustworthy by default.

Education: Bachelor's degree in Computer Science, Engineering, or a related field, or equivalent practical experience