Docker, Inc. is a leading brand in developer tooling, trusted by millions of users worldwide. They are seeking a Senior Supply Chain Security Engineer to maintain security-hardened container images and contribute to the Kubernetes ecosystem, ensuring secure and reliable software delivery.
Responsibilities:
- Authoring and maintaining image definition files that track upstream OSS project releases, define build steps, and keep our catalogue current across dozens of images
- Adapting upstream Helm charts (cert-manager, grafana, mongodb, kyverno, and many more) to work with DHI images - handling security constraints, non-root contexts, and Kubernetes compatibility concerns
- Tracking upstream version releases and semver patterns across monorepos and standard repos, handling major version breaks and dependency chains
- Writing Go-based integration tests that validate images and charts behave correctly in real Kubernetes environments
- Triaging CVEs and contributing to security hardening decisions across images
- Reviewing peers' definitions and chart PRs against established conventions and catching subtle issues before they reach customers
Requirements:
- 6+ years of backend engineering experience with production-grade systems
- Bachelor's degree in Computer Science, Engineering, or a related field, or equivalent practical experience
- Strong familiarity with the container and Kubernetes ecosystem - you know what cert-manager, kyverno, grafana, and istio are, you've deployed them, and you can read upstream Helm chart source without getting lost
- Comfort with YAML as a primary working medium - you think carefully about structure, conventions, and patterns
- Understanding of container security basics - non-root users, UID/GID, image layers, multi-arch builds, supply chain concepts
- Some Go ability - enough to read and write test code, not to build distributed systems
- A maintainer mindset - you take pride in consistency, catch drift from patterns, and think about how your change affects others downstream
- Familiarity with GitHub-heavy open source workflows - PRs, upstream tracking, monorepo conventions
- Experience as a package maintainer (any Linux distribution, Homebrew, etc.)
- Helm chart authorship or contribution experience
- Familiarity with supply chain tooling (Sigstore, SBOM, SLSA)
- Experience in a regulated or security-conscious environment