Jobs · Information Technology

Senior Supply Chain Security Engineer

Docker, Inc · United States · 3 wk ago
RemoteRemoteInformation Technology$155k–$251k/yrFull-time

Responsibilities

  • Authoring and maintaining image definition files that track upstream OSS project releases, define build steps, and keep our catalogue current across dozens of images
  • Adapting upstream Helm charts (cert-manager, grafana, mongodb, kyverno, and many more) to work with DHI images - handling security constraints, non-root contexts, and Kubernetes compatibility concerns
  • Tracking upstream version releases and semver patterns across monorepos and standard repos, handling major version breaks and dependency chains
  • Writing Go-based integration tests that validate images and charts behave correctly in real Kubernetes environments
  • Triage CVEs and contribute to security hardening decisions across images
  • Reviewing peers' definitions and chart PRs against established conventions and catching subtle issues before they reach customers

Qualifications

  • 6+ years of backend engineering experience with production-grade systems
  • Bachelor’s degree in Computer Science, Engineering, or a related field, or equivalent practical experience
  • Strong familiarity with the container and Kubernetes ecosystem - you know what cert-manager, kyverno, grafana, and istio are, you've deployed them, and you can read upstream Helm chart source without getting lost
  • Comfort with YAML as a primary working medium - you think carefully about structure, conventions, and patterns
  • Understanding of container security basics - non-root users, UID/GID, image layers, multi-arch builds, supply chain concepts
  • Some Go ability - enough to read and write test code, not to build distributed systems
  • A maintainer mindset - you take pride in consistency, catch drift from patterns, and think about how your change affects others downstream
  • Familiarity with GitHub-heavy open source workflows - PRs, upstream tracking, monorepo conventions
  • Bonus: Experience as a package maintainer (any Linux distribution, Homebrew, etc.), Helm chart authorship or contribution experience, Familiarity with supply chain tooling (Sigstore, SBOM, SLSA), Experience in a regulated or security-conscious environment

Pay

Compensation Range: $154.6k - $250.8k

Similar jobs

Senior Security Engineer

TekSynapFort Belvoir, VA· 2 wk ago
Information Technology$180k–$245k/yrapply on careers-teksynap.icims.com

Senior Security Engineer

WedbushJersey City, NJ· 2 wk ago
Information Technology$145k–$165k/yrapply on wedbush.atsondemand.com

Senior Security Engineer

Zermount, Inc.United States· 3 wk ago
RemoteInformation Technologyapply on zermount.isolvedhire.com

SENIOR SECURITY ENGINEER

North East Medical ServicesDaly City, CA· 3 wk ago
Information Technologyapply on paycomonline.net