Staff Backend Engineer, Secure Policy (US/Canada Eastern or European CET/Western Regions)

At Docker, we make app development easier so developers can focus on what matters. Our remote-first team spans the globe, united by a passion for innovation and great developer experiences. With over 20 million monthly users and 20 billion image pulls, Docker is the #1 tool for building, sharing, and running apps—trusted by startups and Fortune 100s alike. We’re growing fast and just getting started. Come join us for a whale of a ride!

The Supply Chain Security group is rethinking software development and operations security with a holistic, developer-first approach. We’re building an end-to-end solution for securing the container ecosystem — from the developer’s inner loop to production — with automation, scalability, and ease-of-use at the center.

We’re looking for a Staff Backend Engineer who thrives at the intersection of large-scale infrastructure and security. The ideal candidate not only has experience building and running services at scale, but also understands the importance of security and policy enforcement in protecting modern software supply chains. You’ll collaborate with product managers, designers, and other engineers to deliver, secure, and evolve Docker’s registry and SaaS offerings — shaping the way developers around the world deliver containers more effectively and securely.

• Develop, deploy, and monitor microservices and serverless components in AWS.

• Build and improve automation tooling including GitHub Actions, Argo CD, and Grafana dashboards.

• Tackle high-performance engineering challenges to deliver container images and metadata efficiently and securely.

• Design and enforce security and compliance policies across delivery pipelines.

• Collectively own the security posture and developer experience of secure container images.

• 5+ years of experience building, deploying, and monitoring microservices on top of cloud infrastructure (AWS, Azure, GCP, etc.).

• Proficiency in modern programming languages (we primarily use Go).

• Knowledge of relational and non-relational databases in high-volume environments.

• Strong grasp of software engineering best practices (code review, source control, CI/CD, testing).

• Comfortable working with autonomy across distributed, remote teams.

• Bonus points: hands-on experience in infrastructure security, policy enforcement, or compliance frameworks (e.g., SLSA, SOC 2, FedRAMP).

First 30 Days

• Meet the team and understand the mission.

• Explore the codebase and ship your first small change.

First 90 Days

• Feel confident in a portion of the codebase.

• Ship a more significant change and demo it internally.

• Attend a customer call to learn how our registry supports real-world needs.

• Gain a working understanding of Docker personas and how they apply to the registry.

First Year

• Take ownership over a functional area (scope depends on level).

• Help shape the direction of Docker products, with a strong focus on security and policy enforcement.

• Collaborate across teams to deliver end-to-end features that strengthen supply chain

We use Covey as part of our hiring and / or promotional process for jobs in NYC and certain features may qualify it as an AEDT. As part of the evaluation process we provide Covey with job requirements and candidate submitted applications. We began using Covey Scout for Inbound on April 13, 2024.

Please see the independent bias audit report covering our use of Covey.

• Freedom & flexibility; fit your work around your life

• Designated quarterly Whaleness Days

• Home office setup; we want you comfortable while you work

• 16 weeks of paid Parental leave

• Technology stipend equivalent to $100 net/month

• PTO plan that encourages you to take time to do the things you enjoy

• Quarterly, company-wide hackathons

• Training stipend for conferences, courses and classes

• Equity; we are a growing start-up and want all employees to have a share in the success of the company

• Docker Swag

• Medical benefits, retirement and holidays vary by country

Docker embraces diversity and equal opportunity. We are committed to building a team that represents a variety of backgrounds, perspectives, and skills. The more inclusive we are, the better our company will be.

Due to the remote nature of this role, we are unable to provide visa sponsorship.

#LI-REMOTE