Original listing text, shown exactly as published by the company.
Responsibilities
- Own the architecture for DHI as a platform, making high-leverage decisions that define how images and Helm charts are authored, secured, distributed, and evolved across the entire catalogue and across Docker's broader product surface.
- Define and drive multi-quarter technical roadmaps for the container hardening domain, balancing upstream velocity, supply chain security posture, customer compliance requirements, and long-term catalogue scalability.
- Identify systemic patterns from customer, operational, and upstream signals and translate them into architectural changes that span the catalogue, not just individual images or charts.
- Build alignment across teams and executives on technical strategy, tradeoffs, and sequencing, including product, security, infrastructure, and customer-facing functions.
- Represent Docker as a trusted technical voice in escalations, key enterprise customer engagements, and upstream OSS communities on issues that shape the future of secure container delivery.
- Set conventions and standards at scale, defining the patterns others build within for image definition, Helm chart adaptation, hardening strategy, and supply chain tooling (Sigstore, SBOM, SLSA), and evolving those standards as the ecosystem changes.
- Drive the hardest, most ambiguous packaging problems where the right answer requires reasoning across upstream dynamics, security tradeoffs, multi-arch constraints, and customer impact simultaneously.
- Shape the integration test infrastructure and developer tooling strategy so that DHI's engineering platform scales with the catalogue and raises quality across the team.
- Mentor and raise the technical ceiling for staff and senior engineers across the org, through review, design, and well-chosen architectural decisions that create durable leverage.
- Take part in the paid on-call rotation; respond to incidents, debug production issues, and drive systemic improvements in reliability.
Qualifications
- 10+ years of backend engineering experience, including extensive work on production-grade, distributed systems at scale.
- Bachelor’s degree in Computer Science, Engineering, or a related field, or equivalent practical experience.
- Ability to set multi-quarter technical roadmaps and align stakeholders (engineering, product, and executives) on strategy and tradeoffs.
- Deep expertise in the container and Kubernetes ecosystem: you have strong, grounded opinions about cert-manager, kyverno, grafana, istio, and similar projects, and you can reason about tradeoffs at the ecosystem level, not just the image level.
- Mastery of container supply chain security concepts (provenance, attestation, SBOM, signing, SLSA) and experience driving posture decisions across an organization rather than implementing them on a single project.
- Strong software engineering fundamentals: code review, testing, source control, CI/CD, and Go sufficient to shape infrastructure and harness design.
- Track record of technical influence without authority across multiple teams or organizations, raising quality through design docs, standards, review, and mentorship.
- Experience navigating upstream OSS communities as a decision-maker, representing a downstream organization's requirements and shaping upstream direction on security-relevant issues.
- Comfort working across remote, distributed teams and communicating complex technical strategy clearly to both technical and non-technical audiences.
Bonus but not required
- Experience as a package maintainer at a Linux distribution, Homebrew, or comparable ecosystem.
- Hands-on experience implementing or operationalizing supply chain tooling (Sigstore, SBOM, SLSA) at org scale.
- Experience in regulated environments (FedRAMP, FIPS, PCI) with direct exposure to compliance requirements shaping engineering decisions.
- Prior Principal or Distinguished IC experience on a platform, security, or developer-tools team.
- Experience engaging directly with enterprise customers on container security architecture.
What to ExpectFirst 30 Days
- Align with leadership on the most critical org-wide technical risks and opportunities in container supply chain security.
- Develop a point of view on DHI's current architectural constraints and where the highest-leverage interventions are.
- Begin mapping the cross-functional landscape: product priorities, upstream pressures, customer compliance signals, and engineering gaps.
First 90 Days
- Drive an architectural decision that unblocks multiple teams and reduces systemic risk across the catalogue.
- Establish a feedback loop from customer, operational, and upstream signals into the multi-quarter roadmap.
- Engage upstream OSS communities on at least one DHI-relevant issue with meaningful influence on direction.
First Year
- Deliver a major platform or standards evolution with broad adoption across DHI and adjacent teams.
- Create durable alignment across engineering, product, and security on catalogue architecture, supply chain posture, and hardening strategy.
- Raise the technical ceiling for the engineers around you, measurably improving review quality, architectural consistency, and the team's ability to operate independently at a higher level.
