jobgether Lever · Posted today

Staff Supply Chain Security Engineer, Docker Hardened Images

Canada Full-time

IT Security & IT Lever

Indexed description

This position is posted by Jobgether on behalf of a partner company. We are currently looking for a Staff Supply Chain Security Engineer, Docker Hardened Images in Canada.

This role sits at the intersection of container security, open-source packaging, and large-scale software supply chain engineering. You will help define and evolve a catalogue of security-hardened container images and Helm charts used in regulated and security-sensitive environments worldwide. The position goes far beyond traditional software development, focusing instead on adapting, securing, and maintaining complex upstream dependencies across the Kubernetes and container ecosystem. You will shape technical standards, architectural conventions, and security practices that scale across dozens of images and deployments. Working closely with engineering, security, and product teams, you will translate real-world security and compliance needs into robust, production-grade artifacts. This is a highly influential individual contributor role where technical leadership, deep domain expertise, and systems thinking drive impact across the entire platform. The environment is remote-first, highly collaborative, and deeply rooted in open-source engagement and engineering excellence.

Accountabilities

    • Define and evolve catalogue-wide technical standards for Docker Hardened Images, including image and Helm chart conventions, architecture patterns, and reusable engineering practices.
    • Own complex packaging and adaptation challenges across upstream OSS projects, including managing version changes, dependency complexity, and multi-architecture builds.
    • Author and maintain image definition files and Helm chart configurations, ensuring alignment with upstream releases and security-hardened deployment requirements.
    • Adapt and standardize upstream Helm charts for secure deployment, enforcing best practices around Kubernetes compatibility, non-root execution, and enterprise constraints.
    • Lead supply chain security initiatives, including CVE triage, SBOM generation, image signing, and adoption of modern provenance and attestation standards.
    • Design and improve Go-based integration testing frameworks that validate image and chart behavior in real Kubernetes environments.
    • Provide technical leadership through code review, mentorship, and architectural guidance, raising engineering standards across the team.
    • Collaborate with product, security, and customer-facing teams to align catalogue priorities with enterprise needs and regulatory requirements.
    • Participate in on-call rotations, incident response, and post-incident improvements to ensure reliability and production readiness.
    • Engage with upstream open-source communities to influence and contribute to projects critical to hardened deployments.

Requirements

    • 8+ years of backend engineering experience building production-grade systems in complex environments.
    • Deep expertise in Kubernetes and container ecosystems, including hands-on experience with tools such as Helm, cert-manager, Istio, Grafana, or Kyverno.
    • Strong background in container and supply chain security, including image hardening, multi-arch builds, provenance, SBOMs, and signing workflows.
    • Advanced proficiency working with YAML-based configuration systems and defining scalable conventions used across engineering teams.
    • Experience designing or contributing to Go-based test or integration frameworks for production systems.
    • Strong systems thinking with the ability to evaluate trade-offs in ambiguous, high-impact technical decisions.
    • Proven ability to influence engineering practices and standards through design, mentorship, and technical leadership without formal authority.
    • Familiarity with open-source workflows, upstream maintenance, and collaborative OSS contribution practices.
    • Bonus: experience in Linux packaging ecosystems, Helm chart authorship, regulated environments, or Staff-level IC roles in platform/security engineering.

Benefits

    • Competitive compensation package with a salary range of USD $166,500 to $269,500 plus equity.
    • Remote-first work culture with flexibility across Canada and the United States.
    • Comprehensive health, dental, and vision insurance (varies by country).
    • Paid parental leave and generous PTO policies.
    • Annual wellness breaks and designated company-wide rest days.
    • Home office setup support and monthly technology stipend.
    • Training and development budget for courses, certifications, and conferences.
    • Equity participation in a fast-growing global technology company.
    • Inclusive, remote-first culture with global collaboration opportunities.

How Jobgether works: We use an AI-powered matching process to ensure your application is reviewed quickly, objectively, and fairly against the role's core requirements. Our system identifies the top-fitting candidates, and this shortlist is then shared directly with the hiring company. The final decision and next steps (interviews, assessments) are managed by their internal team. We appreciate your interest and wish you the best!

Why Apply Through Jobgether?

Data Privacy Notice: By submitting your application, you acknowledge that Jobgether will process your personal data to evaluate your candidacy and share relevant information with the hiring employer. This processing is based on legitimate interest and pre-contractual measures under applicable data protection laws (including GDPR). You may exercise your rights (access, rectification, erasure, objection) at any time.