Docker
Engineering
StaffSupplyChainSecurityEngineer,DockerHardenedImages
Neural analysis suggests this role is
optimal for Lead candidates.
“Staff Supply Chain Security Engineer, Docker Hardened Images at Docker. Skills: Container security, Kubernetes, YAML, Supply chain. Set catalogue-wide technical direction. Define conventions, patterns, and architectural decisions”
What You'll Achieve.
Raise the bar across the team; Keep DHI ahead of upstream change; Ensure catalogue-wide architecture decisions scale; Ensure conventions scale across dozens of images and charts; Ensure technical strategy keeps DHI ahead of upstream change; Ensure images and charts are minimal, up-to-date, and safe to deploy; Ensure images and charts work with DHI images; Ensure security hardening strategy across the catalogue; Ensure images and charts behave correctly in real Kubernetes environments; Help other engineers grow into harder problems; Translate customer needs and regulatory pressures into catalogue priorities and technical decisions
Industry & Context.
Own the harder, ambiguous problems; Technical judgment in ambiguous situations; Comfort making and defending decisions where there's no perfect answer
Paid on-call rotation
What They're Looking For.
Must Have
8+ years of backend engineering experience with production-grade systems, Bachelor’s degree in Computer Science, Engineering, or a related field, or equivalent practical experience, Deep expertise in the container and Kubernetes ecosystem, Mastery of YAML as a working medium, container security background, Go ability sufficient to design test infrastructure, A maintainer mindset, applied at scale, technical judgment in ambiguous situations, Track record of technical influence without authority, Deep familiarity with GitHub-heavy open source workflows
Nice to Have
Experience as a package maintainer, Helm chart authorship or contribution experience, Hands-on experience with supply chain tooling, Experience in a regulated or security-conscious environment, Prior Staff-level IC experience on a platform, security, or developer-tools team
What You'll Do.
Set catalogue-wide technical direction
and architectural decisions
Own hardest packaging problems
Author and maintain image definition files
Adapt upstream Helm charts
Drive security hardening strategy
Design and write Go-based integration test infrastructure
Raise the bar through review and mentorship
Engage upstream OSS communities
Take part in paid on-call rotation
Debug production issues
Drive continuous improvement of system reliability
How You'll Work.
Team & Collaboration
Partner across teams with product, security, and customer-facing functions; Represent DHI in upstream OSS communities
Full Job Description
Docker has been one of the most loved brands in developer tooling, trusted by more than 20 million monthly users and over 20 billion container image pulls. From solo founders to the world's largest companies, developers rely on Docker to build, share, and run their applications across our suite of products including Docker Desktop, Docker Hub, and Docker Scout. We are a globally distributed, remote-first team building the tools that define how software gets built and delivered. As AI agents redefine software development, Docker is at the center of that shift, providing the sandboxed environments, verified images, and secure infrastructure that make autonomous workflows trustworthy by default. Docker Hardened Images (DHI) is Docker's catalogue of security-hardened, enterprise-grade container images and Helm charts - built to be minimal, up-to-date, and safe to deploy in regulated and security-conscious environments. We're looking for a Staff-level engineer to help shape the technical direction of this catalogue and raise the bar across the team that builds it. This is not a traditional software engineering role. You'll spend most of your time working with YAML definition files, upstream OSS projects, and the container and Kubernetes ecosystems - packaging and adapting software rather than building it from scratch. At the Staff level, you'll also own the harder, ambiguous problems: catalogue-wide architecture decisions, conventions that scale across dozens of images and charts, and the technical strategy that keeps DHI ahead of upstream change. If you've led packaging efforts at a Linux distribution, driven Helm chart standards across an org, or operated as a Staff platform/security engineer at the intersection of supply chain, containers, and Kubernetes, this will feel familiar. This is a pure individual contributor role - no direct reports. Influence comes through technical leadership, design, and mentorship. RESPONSIBILITIES - Setting catalogue-wide technical direc
Applying for this Staff Supply Chain Security Engineer, Docker Hardened Images role?
Most applicants get filtered before a human reads their resume. See if yours makes the cut.
How to Apply on Ashby
- Ashby is a fast modern ATS — most applications take under 3 minutes.
- The resume parser is strong; verify parsed experience dates and job titles.
- Custom screening questions are often scored algorithmically — answer completely.
- Location field affects geo-based screening; use your actual metro area.
ANONYMOUS · UNFILTERED
What do employees actually say about Docker?
Real rants from real employees. Read before you apply.