Senior Security Engineer managing security for Docker Desktop. Collaborating with engineering and security teams to ensure product security and integrity.
Responsibilities
Partner with engineering and product teams throughout the development lifecycle to identify security risks early, from design review through code review and release.
Conduct threat modeling and security design reviews for new and evolving product features, with particular focus on authentication, authorization, and container runtime security.
Serve as the team's primary liaison to the organization's security group, attending security syncs, relaying guidance, and translating central policy into practical engineering decisions.
Act as the first point of contact for incoming vulnerability reports and CVEs: validate severity, reproduce issues, coordinate disclosure timelines, and drive remediation with the relevant engineers.
Review Go code with a security mindset, identifying classes of issues such as privilege escalation, insecure defaults, injection risks, and improper credential handling.
Contribute security-focused improvements directly to the codebase where appropriate.
Develop and maintain internal security documentation, guidelines, and runbooks for the team.
Stay current on the Linux security landscape as it pertains to containers: namespaces, cgroups, seccomp, AppArmor, capabilities, and the evolving OCI ecosystem.
Requirements
6+ years of experience in security engineering, application security, or a closely related discipline, with a track record at senior or staff level.
Strong proficiency in Go, with the ability to review and contribute to production-grade code.
Deep understanding of Linux fundamentals relevant to container security: namespaces, cgroups, capabilities, seccomp profiles, AppArmor/SELinux, rootless containers, and privilege boundaries.
Solid grasp of OCI specifications and container runtime security (e.g. runc, containerd, BuildKit).
Hands-on experience with identity and access management concepts: OAuth 2.0, OIDC, token handling, and auth flows in desktop or cloud-adjacent contexts.
Experience performing security design reviews, threat modeling, and participating in secure development workflows.
Familiarity with vulnerability management processes: CVE triage, CVSS scoring, coordinated disclosure, and working with external reporters.
Strong written and verbal communication skills; comfortable bridging the gap between a dedicated security team and a product engineering team.
Benefits
Freedom & flexibility; fit your work around your life
Designated quarterly Whaleness Days plus end of year Whaleness break
Home office setup; we want you comfortable while you work
16 weeks of paid Parental leave
Technology stipend equivalent to $100 net/month
PTO plan that encourages you to take time to do the things you enjoy
Training stipend for conferences, courses and classes
Equity; we are a growing start-up and want all employees to have a share in the success of the company
Docker Swag
Medical benefits, retirement and holidays vary by country
Remote-first culture, with offices in Seattle and Paris
Hiring a Threat Modeler / Security Architect with development background for hybrid full - time role in Canada, focusing on application security, threat modeling, and DevSecOps.
Network and Perimeter Security IT Specialist I at Enbridge overseeing enterprise security architecture and leading large - scale security initiatives. Collaborating across teams to ensure secure solutions and compliance.
Network & Perimeter Security Specialist II - Firewall at Enbridge enhancing security architectures. Providing technical leadership and driving enterprise standards for firewall and network security.
Lead critical cybersecurity transformation programmes at Hewlett Packard Enterprise, ensuring alignment with enterprise priorities and delivering complex initiatives. Collaborate with IT, cybersecurity, and business leaders.
Staff Engineer responsible for designing scalable security solutions and collaborating with engineering at Twilio. Empowering security partnerships across products and platforms while mitigating risks.
Head of Infrastructure & Security responsible for cloud infrastructure on GCP and security programs. Leading SaaS development and technical teams at Rebus and Longbow Advantage.
Information Security Lead responsible for managing security programs at Dentons Canada. Overseeing security architecture, operations, incident response, and data protection initiatives.
Cybersecurity expert overseeing information defense, threat detection, and incident response at Investissement Québec. Leading security operations and leveraging AI for effective asset protection.
Lead cybersecurity initiatives and develop strategy for public broadcaster CBC/Radio - Canada. Shape technology road map, collaborate on enterprise architecture, and ensure policy compliance.