Senior Security Engineer, Docker Desktop

Docker has been one of the most loved brands in developer tooling, trusted by more than 20 million monthly users and over 20 billion container image pulls. From solo founders to the world's largest companies, developers rely on Docker to build, share, and run their applications across our suite of products including Docker Desktop, Docker Hub, and Docker Scout.

We are a globally distributed, remote-first team building the tools that define how software gets built and delivered. As AI agents redefine software development, Docker is at the center of that shift, providing the sandboxed environments, verified images, and secure infrastructure that make autonomous workflows trustworthy by default.

As a Senior Security Engineer embedded in the Desktop engineering team, you will own the security posture of a complex, cross-platform product that sits at the intersection of identity, OCI runtimes, and Linux kernel internals. You will be the team's primary security voice, reviewing features and code before they ship, partnering with our central security organization, and serving as the first line of triage for reported vulnerabilities.

This is a hands-on engineering role for someone who thinks in threat models and communicates clearly with both product engineers and security specialists alike.

RESPONSIBILITIES:

- Partner with engineering and product teams throughout the development lifecycle to identify security risks early, from design review through code review and release.

- Conduct threat modeling and security design reviews for new and evolving product features, with particular focus on authentication, authorization, and container runtime security.

- Serve as the team's primary liaison to the organization's security group, attending security syncs, relaying guidance, and translating central policy into practical engineering decisions.

- Act as the first point of contact for incoming vulnerability reports and CVEs: validate severity, reproduce issues, coordin...