Docker is looking to secure the container ecosystem through a holistic, developer-first approach to securing software and software artifacts, starting in the developer inner loop and continuing through to production, emphasizing ease-of-use and automation.
Requirements
- Experience building container images with BuildKit
- Understanding of low-level container image primitives, i.e., manifests, indices, digests, attestations, etc.
- Familiarity with Linux distributions and compiling software from source
- Experience with continuous integration systems, particularly GitHub Actions
- Knowledge of software security tooling like Docker Scout
Responsibilities
- Creating and supporting secure container images and related metadata like SBOMs and vulnerabilities
- Maintaining and enhancing SLSA Build Level 3 compliant build system leveraging BuiltKit and GitHub Actions
- Collectively own the security posture and developer experience of using secure container images
- Contribute to custom CVE feed and remediate vulnerabilities across the image catalog
- Work with the team to develop custom-trained generative AI systems for image creation and maintenance
- Begin to enhance image build and deployment user experience
- Contribute to increased automation and efficiency of the secure image factory
Other
- Integrate into a dynamic team building security-first container images for customers
- Help other new team members onboard
- Regularly interact with customers using the images
- Due to the remote nature of this role, we are unable to provide visa sponsorship.
- We use Covey as part of our hiring and / or promotional process for jobs in NYC and certain features may qualify it as an AEDT.
