
Principal Software Engineer, Docker Hardened Images

Canada
United States
Full-time
US: $180,500-$397,139 | CAN: CA$245,913-$367,167
Senior-Level

Job Description

About Docker: Docker is one of the most loved and recognized brands in developer tooling, trusted by a global network of more than 20 million monthly active users and accounting for over 20 billion container image pulls. From solo founders to the world’s largest enterprises, creators rely on our software to build, share, and run modern applications seamlessly across Docker Desktop, Docker Hub, and Docker Scout. As autonomous AI agents reshape the engineering environment, Docker sits at the absolute center of this structural transformation—providing the trusted sandboxed environments, verified image registries, and secure infrastructure layers that make automated workflows trustworthy by default.

Position Overview

We are seeking a visionary, systems-minded, and security-focused Principal Software Engineer to lead our Docker Hardened Images (DHI) catalogue division in a permanent, full-time remote role open across Canada and the United States. Operating as a pure individual contributor (IC) who exerts deep industry influence through technical vision and design rather than administrative authority, you will own the multi-quarter technical roadmap, the container supply chain security posture, and the catalog-scale platform architecture. Instead of routine application feature scripting, low-stakes backend service modifications, or simple database schema adjustments, you will run an active software provenance, cryptographic signature, and multi-architecture optimization laboratory, partnering directly with cross-functional engineering squads, product directors, security heads, and executive leaders. This position requires a cloud-native authority with 10+ years of backend depth who designs minimal container image configurations with security in mind, evaluates software bills of materials (SBOM) and SLSA compliance frameworks inside high-volume distribution systems, and directs open-source software (OSS) strategy to shape secure global delivery standards.

Key Responsibilities

  • Core Platform Architecture Governance: Own the overarching technical architecture for the DHI catalogue, making high-leverage decisions that define how enterprise-grade container images and Helm charts are authored, secured, and evolved in line with cybersecurity benchmarks.
  • Ecosystem Roadmap Engineering: Define and drive multi-quarter technical strategies for the hardening domain, balancing upstream package velocity against downstream consumer compliance and catalog scalability.
  • Supply Chain Security Standardization: Set organization-scale conventions and security standards, establishing the patterns others build within for image definitions, signing models, attestation matrices (Sigstore, SBOM, SLSA), and multi-arch packaging constraints.
  • Upstream OSS Community Leadership: Act as a trusted technical voice inside open-source communities, representing downstream requirements to actively guide the security direction of core internet software dependencies.
  • Harness and Integration Test Innovation: Shape our developer tooling strategy and continuous verification frameworks, optimizing integration infrastructures to ensure the platform scales smoothly with the catalogue.
  • Technical Ceilings Mentorship: Raise the technical capability across the engineering org, providing deep code design reviews, guiding staff and senior engineers, and creating durable operational leverage.
  • Systemic Reliability Triage: Participate in the paid on-call rotation pool, managing high-priority incident investigations, debugging distributed production faults, and introducing systemic fixes to avoid regression patterns.

Required Skills & Qualifications

  • 10+ years of professional backend engineering experience, with a proven history of delivering production-grade, highly available distributed systems at scale.
  • Mandatory Kubernetes Ecosystem Depth: Deep, grounded technical mastery of the container and orchestration ecosystem, demonstrating an advanced capability to evaluate trade-offs among tools like Istio, Kyverno, cert-manager, or Grafana at an ecosystem level.
  • Proven background driving organizational decisions across Container Supply Chain Security frameworks (including hands-on familiarity with provenance, attestations, software signatures, or SLSA levels).
  • Masterful programming proficiency in Go (Golang), with a solid command of code review protocols, source controls, and modern cloud-native CI/CD automation.
  • Demonstrated capability to lead multi-quarter technical paths and achieve executive alignment across engineering, security, and product lines without relying on formal authority.
  • Outstanding written and verbal communication strengths, with full confidence conveying intricate security-relevant tradeoffs to technical and non-technical stakeholders alike.
  • Location Context: Position operates under remote geographic guidelines open to qualified platform architects residing permanently within Canada or the United States.

Preferred Strategic Indicators (Nice to Have)

  • Prior experience operating as an official package maintainer within a major Linux distribution, Homebrew, or an equivalent software repository.
  • Direct exposure implementing automated supply chain tools (such as Sigstore or detailed SBOM generation) at enterprise scale.
  • Familiarity working in strictly regulated environments (e.g., FedRAMP, FIPS, PCI compliance protocols) where compliance shapes core engineering decisions.
  • Previous individual contributor experience at a Principal or Distinguished level within a security-focused or developer-tools platform team.

What We Offer

  • Elite, Experience-Calibrated North American Salary Structure: Attractive base compensation guidelines structured to reward deep expertise:
    • United States: $180,500 – $397,139 USD / year
    • Canada: CA$245,913 – CA$367,167 CAD / year
  • Universal corporate equity options, allowing you to share directly in the financial success of our growing tech platform.
  • Absolute remote-first lifestyle freedom and scheduling flexibility, allowing you to fit work parameters around your life.
  • Designated corporate quarterly "Whaleness Days" coupled with a coordinated end-of-year company-wide rejuvenation break.
  • Generous home office setup allowances along with a consistent monthly technology stipend equivalent to $100 USD net.
  • Comprehensive continuous learning benefits, featuring an active training stipend for professional courses, academic classes, and international tech conferences.
  • Up to 16 weeks of fully paid parental leave benefits for expanding families following 6 months of employment.
