Senior Application Security Engineer at Docker
Waterloo, CA


Security at Docker is not an afterthought. We believe in security by design and that security solutions should be seamlessly integrated and so simple to use they can be enabled by default wherever possible.

As a security engineer, you'll be involved in all security aspects of developing the Docker Edge & IoT platform. You'll work closely with the product development teams to ensure the company's product security goals are met.

The Edge & IoT team is looking to hire engineers with a security mindset for the Kitchener / Waterloo Ontario office.  Everyone on the team is expected to be an active contributor to Docker's products, applying a security lens to both your own code, and the peer code review process.

Responsibilities

Design, architect, implement and test secure frameworks, libraries, and services

Act as an Edge & IoT security subject matter expert and evangelist within the company and broader Docker community.

Be an active maintainer of Docker Projects by contributing Go code to the open-source projects, helping the community contribute, reviewing submissions, and participating in security design decisions.

Participate in product discussions, influence the roadmap, and take ownership and responsibility over new projects to make them happen.

Help lead Docker’s and the industry’s security architectures and software stacks.

Be the technical referent to external partners and in-house engineering teams for Edge & IoT security related topics, provide support by sharing knowledge and/or taking on the development effort.

Qualifications

Computer Science or Engineering degree.

Knowledge of the state-of-the-art in security protocols, design, and threat landscape

Proficient software development experience (some of: Go, Python, Java, C/C++, ...).

Interest or exposure to Docker, Kubernetes, AWS/GCP/Azure

Strong Linux fundamentals and experience working with Linux distributions.

Good communication skills, a sense of diplomacy, and a genuine eagerness to help others.

Excellent API design skills (straightforward, unsurprising, defensible).

Familiarity with some (not necessarily all) topics such as:

Cryptographic design and implementation

Kernel exploitation and remediation

Micro service and highly distributed/available architectures

Common crypto protocols (TLS, GPG, SSH, etc...)

Linux containerization

Authentication and authorization

Code signing

Networking and network security

TPM/hardware security modules

Multi-architecture: Arm, x86, GPUs

Perks

Professional development and training.

Attend conferences and working groups.

Modern bright office, centrally located and close to public transportation.

Enjoy snacks, drinks, and dinners (if working late).

Full benefits (Health, Dental, Vision, RRSP).

Customized workstation (Linux, macOS, Windows).

Company outings, happy hours, hackathons, and tech talks.

Docker is the leader in the containerization market, combining an enterprise-grade container platform with world-class services to give developers and IT alike the freedom to build, manage and secure applications without the fear of technology or infrastructure lock-in. Today’s organizations are under pressure to digitally transform their business but are constrained by a diverse portfolio of applications, clouds and premises-based infrastructures. Docker unlocks the potential of every organization with a container platform that brings traditional applications and microservices built on Window, Linux and mainframe into an automated and secure supply chain, advancing dev to ops collaboration. As a result, organizations report a 300 percent improvement in time to market, while reducing operational costs by 50 percent. Inspired by open source innovation and a rich ecosystem of technology and go-to-market partners, Docker’s container platform and services are used by millions of developers and more than 550 Global 10K commercial customers including ADP, GE, MetLife, PayPal and Societe Generale.