← Back to list
Job · Senior

Senior Supply Chain Security Engineer

Security Engineer • Senior • Remote • Full-time • 📍 Canada

Docker is hiring a Senior Supply Chain Security Engineer for the team behind Docker Hardened Images (DHI), a catalogue of security-hardened, enterprise-grade container images and Helm charts built to be minimal, up-to-date, and safe for regulated environments. This is not a traditional software engineering role: most of the work involves YAML definition files, upstream open-source projects, and the container and Kubernetes ecosystems, packaging and adapting software rather than building it from scratch. The role suits people with a background in Linux package maintenance, Helm chart contributions, or platform/infrastructure engineering with a strong security lean.

Responsibilities

  • Author and maintain image definition files that track upstream OSS releases, define build steps, and keep the catalogue current across dozens of images
  • Adapt upstream Helm charts (cert-manager, grafana, mongodb, kyverno, and more) to work with DHI images, handling security constraints, non-root contexts, and Kubernetes compatibility
  • Track upstream version releases and semver patterns across monorepos and standard repos, handling major version breaks and dependency chains
  • Write Go-based integration tests that validate images and charts in real Kubernetes environments
  • Triage CVEs and contribute to security hardening decisions across images
  • Review peers' definitions and chart PRs against established conventions and catch subtle issues before they reach customers
  • Participate in an on-call rotation as needed, including evenings, weekends, and holidays

Requirements

  • 6+ years of backend engineering experience with production-grade systems
  • Strong familiarity with the container and Kubernetes ecosystem (cert-manager, kyverno, grafana, istio) and the ability to read upstream Helm chart source
  • Comfort with YAML as a primary working medium, with careful attention to structure, conventions, and patterns
  • Understanding of container security basics: non-root users, UID/GID, image layers, multi-arch builds, supply chain concepts
  • Some Go ability, enough to read and write test code
  • Familiarity with GitHub-heavy open source workflows: PRs, upstream tracking, monorepo conventions

Nice to have

  • Experience as a package maintainer (any Linux distribution, Homebrew, etc.)
  • Helm chart authorship or contribution experience
  • Familiarity with supply chain tooling (Sigstore, SBOM, SLSA)
  • Experience in a regulated or security-conscious environment

Soft skills

Maintainer mindset: pride in consistency, catching drift from patterns, and thinking about downstream impact

What we offer

  • Freedom and flexibility to fit work around your life
  • Designated quarterly Whaleness Days plus an end-of-year Whaleness break
  • Home office setup
  • 16 weeks of paid parental leave (after 6 months of employment)
  • Technology stipend equivalent to $100 USD net/month
  • PTO plan that encourages taking time off
  • Training stipend for conferences, courses, and classes
  • Equity in a growing start-up
  • Docker swag
  • Medical benefits, retirement, and holidays varying by country
  • Remote-first culture with offices in Seattle and Paris
  • Visa sponsorship considered on a case-by-case basis

About the company

Docker is one of the most loved brands in developer tooling, trusted by more than 20 million monthly users with over 20 billion container image pulls. Developers rely on Docker Desktop, Docker Hub, and Docker Scout to build, share, and run applications. Docker is a globally distributed, remote-first team, and as AI agents redefine software development, it provides the sandboxed environments, verified images, and secure infrastructure that make autonomous workflows trustworthy by default.

Education: Bachelor's degree in Computer Science, Engineering, or a related field, or equivalent practical experience