About
9 months (option to convert to direct hire at end of term) (Contract-to-Hire)
8:00 AM-5:00 PM
Location: Atlanta - GA, La Vista - NE, Oakdale - MN, Scottsdale - AZ, St. Petersburg - FL
Department: Security Engineering & Operations
Role Summary
We're seeking a hands-on Cyber Security Engineer with a strong focus on container security to develop standards/policies, design and implement controls, and support operationalization of security measures across our estate. You'll work across both Windows and Linux platforms, with a minimum of 3+ years practical experience in Docker and Kubernetes. The role requires a self-starter who can work independently, produce clear documentation, and contribute to our broader cybersecurity initiatives. Azure experience is preferred.
Key Responsibilities
Standards & Policy Development
- Author, maintain, and socialize container security standards, baseline configurations, and operational runbooks.
- Define control requirements for Kubernetes clusters and Docker runtimes (networking, RBAC, secrets, compliance, logging).
Control Design & Implementation
Engineer and deploy container-specific security controls across the estate (on-prem & cloud), including:
- Kubernetes RBAC, NetworkPolicies, PodSecurity standards (or replacements), admission controls (OPA/Gatekeeper/Kyverno).
- Image security (registry governance, signing/verification, SBOM, vulnerability management).
- Runtime protection (CIS benchmarks, syscall/behavior policies, workload isolation, secrets management).
- Secure CI/CD integrations (image scanning gates, IaC security checks, policy-as-code).
Operational Support
- Own day-to-day health and performance of deployed controls; troubleshoot issues with clusters, workloads, and pipelines.
- Partner with platform engineering/SRE to triage, remediate, and tune policies without breaking delivery velocity.
Documentation & Enablement
- Produce clear, actionable documentation: standards, architecture diagrams, procedures, FAQs, and "how-to" guides.
- Provide guidance and training to engineering teams to adopt secure-by-default patterns.
Broader Cybersecurity Support
- Contribute to vulnerability management, incident response (for containerized workloads), audit support, and control assurance.
- Participate in threat modeling for new services and changes.
Required Qualifications
- OS Expertise: Proficient in both Windows and Linux administration and security fundamentals.
- Containers: 3+ years hands-on experience with Docker and Kubernetes (design, deployment, security hardening).
- Security Engineering: Proven ability to design, implement, and operationalize technical controls in production environments.
- Networking & Access Control: Solid grasp of container networking (CNI), service-to-service policies, identity/RBAC, and secrets handling.
- DevSecOps Mindset: Experience integrating security into CI/CD (e.g., image scanning, policy gates, IaC checks).
- Documentation: Strong technical writing skills (standards, procedures, diagrams).
- Work Style: Able to work independently with minimal oversight; strong ownership and follow-through.
Preferred Qualifications
- Cloud: Experience with Microsoft Azure (AKS, ACR, Azure Defender/Defender for Cloud, Key Vault, Azure Policy).
- Security Tools & Frameworks: Familiarity with:
  - Admission/policy tools (OPA/Gatekeeper, Kyverno), image scanning (Trivy, Aqua, Prisma, Clair), SBOM (CycloneDX).
  - Kubernetes security benchmarks (CIS), Pod Security standards, runtime protection.
- Infrastructure as Code & Automation: Terraform, Bicep/ARM, Helm; GitHub Actions/Azure DevOps pipelines.
- Logging/Monitoring: Experience with centralized logging and metrics for containers (e.g., Prometheus, Grafana, ELK/EFK).
- Compliance & Assurance: Experience mapping controls to frameworks (CIS, NIST CSF, ISO 27001, PCI, SOC 2) for containerized workloads.
- Certifications (nice to have): AZ-500, CKA/CKS, Security+, CISSP, CCSP.
Core Competencies
- Technical Depth & Pragmatism: Balances strong security posture with developer productivity and uptime.
- Problem Solving: Able to diagnose complex production issues across networking, policy, identity, and runtime.
- Communication: Explains trade-offs, documents clearly, and influences stakeholders.
- Ownership & Autonomy: Drives initiatives end to end: requirements, build, deploy, monitor, and improve.
Language skills
- English
Note for users
This job posting comes from a TieTalent partner platform. Click "Apply Now" to submit your application directly on their website.