Location: Paris
Contract Type: Permanent (CDI)
Experience: 5+ years
Salary: 50K-65K€ based on profile
Who are we?
We help organizations deploy reliable, custom, high-impact solutions quickly. At Quicksort, we deliver secure, production-grade platform and AI engineering for the most demanding industries: finance, legal, compliance.
Our team combines a rigorous engineering approach with a lean methodology to design custom, reliable solutions that are directly operational in production — at the scale of large regulated organizations.
Your Mission
As a Docker Image Governance Expert, you will design and operate the trust framework that governs how container images are built, secured, and distributed across a major international banking group. You will work within the Platform Engineering / DevSecOps teams to take the image supply chain from its current state to a standardized, compliant, and automated target.
What you'll do:
- Define the new governance standards for build images (naming, versioning, labelling, lifecycle).
- Define the target architecture and the roadmap to move from the existing landscape to that target — and supervise its rollout.
- Break the roadmap down into concrete, prioritized tasks.
- Implement CI services and GitLab CI pipelines for the full image chain: build image / base image / runtime image.
- Automate image remediation in GitLab CI — deprecation, obsolescence, vulnerability handling, and cleanup — with an AI-assisted approach.
- Produce client-facing and technical documentation, and support the deployment of the solution with client teams.
- Steer the impact of improvements through clear governance KPIs.
Project Examples:
- Vulnerability scanning pipelines (Trivy, Snyk, Nexus IQ, JFrog Xray) with acceptance thresholds and CI/CD blocking rules.
- Image signing, SBOM, and traceability (Cosign, SBOM SPDX/CycloneDX).
- Admission policies on Kubernetes / OpenShift (OPA Gatekeeper, Kyverno) — allowlist and digest enforcement.
- Registry governance and image promotion across environments (JFrog Artifactory).
Profile Sought:
- 8+ years in containerized, cloud-native environments, including governance or platform engineering at scale.
- Deep expertise in Docker, GitLab CI, and Kubernetes — required.
- Solid grasp of image security: scanning, signing, SBOM, CVE remediation.
- Comfort with policy-as-code and CI/CD integration.
- Agile delivery mindset.
- Technical English required (documentation, tickets, international exchanges).
- Exposure to regulated environments (Finance, Banking, Insurance) strongly appreciated.
- CKA / CKS certifications are a plus.
Some of our core values:
- Bias for action.
- Excellence.
- Leave your ego aside.