Senior Security Engineer, Docker Desktop

About the Role

The successful candidate will be the primary security voice for the team, reviewing features and code before they ship, and serving as the first line of triage for reported vulnerabilities. This is a hands-on engineering role that requires a strong proficiency in Go, as well as experience with security design reviews, threat modeling, and secure development workflows.

Docker is a globally distributed, remote-first team that values collaboration, innovation, and transparency. As a Senior Security Engineer, you will be working closely with a team of talented engineers and security specialists to build the tools that define how software gets built and delivered.

What You Will Do

• Partner with engineering and product teams throughout the development lifecycle to identify security risks early
• Conduct threat modeling and security design reviews for new and evolving product features
• Serve as the team's primary liaison to the organization's security group, attending security syncs, relaying guidance, and translating central policy into practical engineering decisions
• Act as the first point of contact for incoming vulnerability reports and CVEs, validating severity, reproducing issues, coordinating disclosure timelines, and driving remediation with the relevant engineers
• Review Go code with a security mindset, identifying classes of issues such as privilege escalation, insecure defaults, injection risks, and improper credential handling
• Contribute security-focused improvements directly to the codebase where appropriate
• Develop and maintain internal security documentation, guidelines, and runbooks for the team
• Stay current on the Linux security landscape as it pertains to containers: namespaces, cgroups, seccomp, AppArmor, capabilities, and the evolving OCI ecosystem

What We Are Looking For

• 6+ years of experience in security engineering, application security, or a closely related discipline, with a track record at senior or staff level
• Strong proficiency in Go, with the ability to review and contribute to production-grade code
• Deep understanding of Linux fundamentals relevant to container security: namespaces, cgroups, capabilities, seccomp profiles, AppArmor/SELinux, rootless containers, and privilege boundaries
• Solid grasp of OCI specifications and container runtime security (e.g. runc, containerd, BuildKit)
• Hands-on experience with identity and access management concepts: OAuth 2.0, OIDC, token handling, and auth flows in desktop or cloud-adjacent contexts
• Experience performing security design reviews, threat modeling, and participating in secure development workflows

Nice to Have

• Experience with vulnerability management processes: CVE triage, CVSS scoring, coordinated disclosure, and working with external reporters
• Familiarity with container orchestration tools such as Kubernetes
• Experience with cloud security and compliance frameworks

Benefits and Perks

• Competitive salary and benefits package
• Opportunity to work with a talented team of engineers and security specialists
• Flexible working hours and remote work options
• Access to the latest technologies and tools
• Professional development opportunities
• Health and wellness programs
• Parental leave and family benefits

• Develop a strong understanding of container security and the Linux security landscape to stand out in this role
• Be prepared to provide examples of your experience with threat modeling, security design reviews, and secure development workflows
• Familiarize yourself with Docker's products and technologies, including Docker Desktop, Docker Hub, and Docker Scout
• Highlight your proficiency in Go and your ability to review and contribute to production-grade code
• Be ready to discuss your experience with identity and access management concepts, including OAuth 2.0, OIDC, and token handling
• Showcase your ability to communicate complex security concepts to both technical and non-technical stakeholders