Staff Backend Engineer, Secure Policy (us/canada Eastern Or European Cet/western Regions)

Staff Backend Engineer

At Docker, we make app development easier so developers can focus on what matters. Our remote-first team spans the globe, united by a passion for innovation and great developer experiences. With over 20 million monthly users and 20 billion image pulls, Docker is the #1 tool for building, sharing, and running apps—trusted by startups and Fortune 100s alike. We're growing fast and just getting started. Come join us for a whale of a ride!

The Supply Chain Security group is rethinking software development and operations security with a holistic, developer-first approach. We're building an end-to-end solution for securing the container ecosystem—from the developer's inner loop to production—with automation, scalability, and ease-of-use at the center.

We're looking for a Staff Backend Engineer who thrives at the intersection of large-scale infrastructure and security. The ideal candidate not only has experience building and running services at scale, but also understands the importance of security and policy enforcement in protecting modern software supply chains. You'll collaborate with product managers, designers, and other engineers to deliver, secure, and evolve Docker's registry and SaaS offerings—shaping the way developers around the world deliver containers more effectively and securely.

Responsibilities

• Develop, deploy, and monitor microservices and serverless components in AWS.
• Build and improve automation tooling including GitHub Actions, Argo CD, and Grafana dashboards.
• Tackle high-performance engineering challenges to deliver container images and metadata efficiently and securely.
• Design and enforce security and compliance policies across delivery pipelines.
• Collectively own the security posture and developer experience of secure container images.

Qualifications

• 5+ years of experience building, deploying, and monitoring microservices on top of cloud infrastructure (AWS, Azure, GCP, etc.).
• Proficiency in modern programming languages (we primarily use Go).
• Knowledge of relational and non-relational databases in high-volume environments.
• Strong grasp of software engineering best practices (code review, source control, CI/CD, testing).
• Comfortable working with autonomy across distributed, remote teams.
• Bonus points: hands-on experience in infrastructure security, policy enforcement, or compliance frameworks (e.g., SLSA, SOC 2, FedRAMP).

What to Expect

First 30 Days

• Meet the team and understand the mission.
• Explore the codebase and ship your first small change.

First 90 Days

• Feel confident in a portion of the codebase.
• Ship a more significant change and demo it internally.
• Attend a customer call to learn how our registry supports real-world needs.
• Gain a working understanding of Docker personas and how they apply to the registry.

First Year

• Take ownership over a functional area (scope depends on level).
• Help shape the direction of Docker products, with a strong focus on security and policy enforcement.
• Collaborate across teams to deliver end-to-end features that strengthen supply chain.

Docker embraces diversity and equal opportunity. We are committed to building a team that represents a variety of backgrounds, perspectives, and skills. The more inclusive we are, the better our company will be.

Due to the remote nature of this role, we are unable to provide visa sponsorship.