Staff Software Engineer, Hardened Images

The Supply Chain Security group at Docker is focused on securing the container ecosystem through a developer-first approach. This role centers on Docker Hardened Images, involving securing container images, maintaining the build system, and working with open-source software, Linux distribution packages, BuildKit, GitHub Actions, Docker Scout, and CVEs.

Responsibilities include creating and supporting secure container images, maintaining a SLSA Build Level 3 compliant build system, and owning the security posture and developer experience of using secure container images. Qualifications include experience building container images with BuildKit, understanding of container image primitives, familiarity with Linux distributions, experience with CI systems like GitHub Actions, and knowledge of software security tooling. The role involves interacting with customers and contributing to generative AI systems for image creation and maintenance, ultimately increasing developer productivity while reducing vulnerability exposure.