RemoteMatchers
Docker

Senior Software Engineer, IAM

Docker💰 CAD 225,300 - CAD 361,750
Go (30%)Identity Access Management (30%)+3 more
⏱️ Posted 1mo ago✅ Verified 4 hours ago
✨ AI Summary

Docker has been one of the most loved brands in developer tooling, trusted by more than 20 million monthly users and over 20 billion container image pulls. From solo founders to the world's largest companies, developers rely on Docker to build, share, and run their applications across our suite of products including Docker Desktop, Docker Hub, and Docker Scout.

We are a globally distributed, remote-first team building the tools that define how software gets built and delivered. As AI agents redefine software development, Docker is at the center of that shift, providing the sandboxed environments, verified images, and secure infrastructure that make autonomous workflows trustworthy by default.

We're looking for a Senior Software Engineer to join our IAM team. The IAM team owns Docker’s identity backbone: the systems that determine who a user is, what they can do, and how organizations govern access at scale. Every authenticated request to Docker depends on these services—making their correctness, latency, and security foundational to customer trust.

The team owns authentication and authorization, access tokens, OIDC, SSO, and SCIM, and user and account management systems, along with supporting enterprise services. You'll work on systems used by millions of developers and the world's largest organizations, with the governance controls enterprise customers require.

This is a high-impact role for an engineer who enjoys deep backend work in a space where correctness, latency, and security all matter - and where the design decisions you make today shape how Docker scales identity for years to come.

Responsibilities

Design, build, and operate Go services powering authentication, authorization, token handling, and identity lifecycle across Docker

Extend OIDC, SSO, SAML, and SCIM integrations, and evolve our authorization model (including ReBAC) as permissions scale across products and tenants

Improve observability, performance, and security posture of identity services on the hot path of every authenticated request, and strengthen audit logging

Design for multi-region operation, graceful degradation, and safe rollout of changes to critical auth flows

Lead projects end-to-end, contribute to technical design and long-term direction of the IAM platform, and mentor teammates in identity and security domains

Partner with Product, Security, and engineering teams that depend on IAM primitives to ensure our APIs are clear, safe, and easy to adopt

This role may require participation in an on-call rotation to provide support outside of standard business hours, including evenings, weekends, and holidays, as needed.

What You'll Work On

Beyond steady-state ownership of our identity services, you’ll help shape the next phase of Docker’s IAM platform, including evolving our authorization model for fine-grained, cross-product access, expanding support for enterprise identity integrations, and improving the reliability and observability of systems on the critical request path.

Qualifications

6+ years of backend software engineering experience building and operating production services

Bachelor’s degree in Computer Science, Engineering, or a related field, or equivalent practical experience

Strong proficiency in Go, including building and operating services in production

Solid working knowledge of PostgreSQL - schema design, query performance, migrations, and operating Postgres under real load

Experience with gRPC and event-driven systems using Kafka (or comparable)

Experience operating on AWS

Strong understanding of core identity and security concepts: OAuth2, OIDC, SAML, JWT, token lifecycle, and session management

Experience with authorization models, including RBAC and ReBAC-style approaches

Track record of designing and operating distributed systems where reliability, security, and correctness are first-class concerns

Willingness and ability to participate in an on-call rotation for services on the critical request path

Excellent written and verbal communication skills in a remote, async-first environment

Nice to Have

Production experience with SCIM provisioning and enterprise SSO integrations

Hands-on experience with Auth0 or similar identity platforms

Experience building or operating multi-region services and understanding the tradeoffs involved

Exposure to compliance frameworks relevant to identity (SOC 2, ISO 27001, GDPR)

Experience with audit logging at scale, or with building identity primitives for machine / workload identities

What to Expect

First 30 Days

Get to know the team, our services, and the identity domain at Docker

Pair with engineers across the IAM stack and ship your first changes to production

Get comfortable with our Go services, Postgres schemas, CI/CD, and on-call practices

First 90 Days

Own a meaningful component or workstream end-to-end

Contribute to technical design discussions on auth, tokens, or enterprise identity

Build strong working relationships with Product, Security, and partner engineering teams

Begin participating in the on-call rotation with support from the team

First Year

Be a trusted technical leader within IAM, owning a functional area of the platform

Lead delivery of significant identity initiatives and shape the direction of the IAM roadmap

Improve reliability, security, and developer experience of the identity primitives other Docker teams depend on

Mentor teammates and raise the bar on engineering practices across the team

Docker considers visa sponsorship on a case-by-case basis based on business needs.

Perks

Freedom & flexibility; fit your work around your life

Designated quarterly Whaleness Days plus end of year Whaleness break

Home office setup; we want you comfortable while you work

16 weeks of paid Parental leave (after 6 months of employment)

Technology stipend equivalent to $100 USD net/month

PTO plan that encourages you to take time to do the things you enjoy

Training stipend for conferences, courses and classes

Equity; we are a growing start-up and want all employees to have a share in the success of the company

Docker Swag

Medical benefits, retirement and holidays vary by country

Remote-first culture, with offices in Seattle and Paris

Docker embraces diversity and equal opportunity. We are committed to building a team that represents a variety of backgrounds, perspectives, and skills. The more inclusive we are, the better our company will be.

#LI-REMOTE