Dexian
This range is provided by Dexian. Your actual pay will be based on your skills and experience — talk with your recruiter to learn more.
Base Pay Range $50.00/hr - $53.00/hr
Direct message the job poster from Dexian
Job Title Cyber Security Engineer – Container Security
Contract 9 months (option to convert to direct hire at end of term)
Pay Range $50-$53
Job Description We’re seeking a hands‑on Cyber Security Engineer with a strong focus on container security to develop standards/policies, design and implement controls, and support operationalization of security measures across our estate. You’ll work across both Windows and Linux platforms, with a minimum of 3+ years practical experience in Docker and Kubernetes. The role requires a self‑starter who can work independently, produce clear documentation, and contribute to our broader cybersecurity initiatives. Azure experience is preferred.
Key Responsibilities Standards & Policy Development
Author, maintain, and socialize container security standards, baseline configurations, and operational runbooks.
Define control requirements for Kubernetes clusters and Docker runtimes (networking, RBAC, secrets, compliance, logging).
Control Design & Implementation
Engineer and deploy container‑specific security controls across the estate (on‑prem & cloud), including:
Kubernetes RBAC, NetworkPolicies, PodSecurity standards (or replacements), admission controls (OPA/Gatekeeper/Kyverno).
Image security (registry governance, signing/verification, SBOM, vulnerability management).
Runtime protection (CIS benchmarks, syscall/behavior policies, workload isolation, secrets management).
Secure CI/CD integrations (image scanning gates, IaC security checks, policy‑as‑code).
Operational Support
Own day‑to‑day health and performance of deployed controls; troubleshoot issues with clusters, workloads, and pipelines.
Partner with platform engineering/SRE to triage, remediate, and tune policies without breaking delivery velocity.
Documentation & Enablement
Produce clear, actionable documentation: standards, architecture diagrams, procedures, FAQs, and “how‑to” guides.
Provide guidance and training to engineering teams to adopt secure‑by‑default patterns.
Broader Cybersecurity Support
Contribute to vulnerability management, incident response (for containerized workloads), audit support, and control assurance.
Participate in threat modeling for new services and changes.
Required Qualifications
OS Expertise: Proficient in both Windows and Linux administration and security fundamentals.
Containers: 3+ years hands‑on experience with Docker and Kubernetes (design, deployment, security hardening).
Security Engineering: Proven ability to design, implement, and operationalize technical controls in production environments.
Networking & Access Control: Solid grasp of container networking (CNI), service‑to‑service policies, identity/RBAC, and secrets handling.
DevSecOps Mindset: Experience integrating security into CI/CD (e.g., image scanning, policy gates, IaC checks).
Documentation: Strong technical writing skills (standards, procedures, diagrams).
Work Style: Able to work independently with minimal oversight; strong ownership and follow‑through.
Preferred Qualifications
Cloud: Experience with Microsoft Azure (AKS, ACR, Azure Defender/Defender for Cloud, Key Vault, Azure Policy).
Security Tools & Frameworks: Familiarity with Admission/policy tools (OPA/Gatekeeper, Kyverno), image scanning (Trivy, Aqua, Prisma, Clair), SBOM (CycloneDX).
Kubernetes security benchmarks (CIS), Pod Security standards, runtime protection.
Infrastructure as Code & Automation: Terraform, Bicep/ARM, Helm; GitHub Actions/Azure DevOps pipelines.
Logging/Monitoring: Experience with centralized logging and metrics for containers (e.g., Prometheus, Grafana, ELK/EFK).
Compliance & Assurance: Experience mapping controls to frameworks (CIS, NIST CSF, ISO 27001, PCI, SOC 2) for containerized workloads.
Certifications (nice to have): AZ‑500, CKA/CKS, Security+, CISSP, CCSP.
Core Competencies
Technical Depth & Pragmatism: Balances strong security posture with developer productivity and uptime.
Problem Solving: Able to diagnose complex production issues across networking, policy, identity, and runtime.
Communication: Explains trade‑offs, documents clearly, and influences stakeholders.
Ownership & Autonomy: Drives initiatives end to end—requirements, build, deploy, monitor, and improve.
Equal Opportunity Employer Dexian is an Equal Opportunity Employer that recruits and hires qualified candidates without regard to race, religion, sex, sexual orientation, gender identity, age, national origin, ancestry, citizenship, disability, or veteran status.
#J-18808-Ljbffr
Base Pay Range $50.00/hr - $53.00/hr
Direct message the job poster from Dexian
Job Title Cyber Security Engineer – Container Security
Contract 9 months (option to convert to direct hire at end of term)
Pay Range $50-$53
Job Description We’re seeking a hands‑on Cyber Security Engineer with a strong focus on container security to develop standards/policies, design and implement controls, and support operationalization of security measures across our estate. You’ll work across both Windows and Linux platforms, with a minimum of 3+ years practical experience in Docker and Kubernetes. The role requires a self‑starter who can work independently, produce clear documentation, and contribute to our broader cybersecurity initiatives. Azure experience is preferred.
Key Responsibilities Standards & Policy Development
Author, maintain, and socialize container security standards, baseline configurations, and operational runbooks.
Define control requirements for Kubernetes clusters and Docker runtimes (networking, RBAC, secrets, compliance, logging).
Control Design & Implementation
Engineer and deploy container‑specific security controls across the estate (on‑prem & cloud), including:
Kubernetes RBAC, NetworkPolicies, PodSecurity standards (or replacements), admission controls (OPA/Gatekeeper/Kyverno).
Image security (registry governance, signing/verification, SBOM, vulnerability management).
Runtime protection (CIS benchmarks, syscall/behavior policies, workload isolation, secrets management).
Secure CI/CD integrations (image scanning gates, IaC security checks, policy‑as‑code).
Operational Support
Own day‑to‑day health and performance of deployed controls; troubleshoot issues with clusters, workloads, and pipelines.
Partner with platform engineering/SRE to triage, remediate, and tune policies without breaking delivery velocity.
Documentation & Enablement
Produce clear, actionable documentation: standards, architecture diagrams, procedures, FAQs, and “how‑to” guides.
Provide guidance and training to engineering teams to adopt secure‑by‑default patterns.
Broader Cybersecurity Support
Contribute to vulnerability management, incident response (for containerized workloads), audit support, and control assurance.
Participate in threat modeling for new services and changes.
Required Qualifications
OS Expertise: Proficient in both Windows and Linux administration and security fundamentals.
Containers: 3+ years hands‑on experience with Docker and Kubernetes (design, deployment, security hardening).
Security Engineering: Proven ability to design, implement, and operationalize technical controls in production environments.
Networking & Access Control: Solid grasp of container networking (CNI), service‑to‑service policies, identity/RBAC, and secrets handling.
DevSecOps Mindset: Experience integrating security into CI/CD (e.g., image scanning, policy gates, IaC checks).
Documentation: Strong technical writing skills (standards, procedures, diagrams).
Work Style: Able to work independently with minimal oversight; strong ownership and follow‑through.
Preferred Qualifications
Cloud: Experience with Microsoft Azure (AKS, ACR, Azure Defender/Defender for Cloud, Key Vault, Azure Policy).
Security Tools & Frameworks: Familiarity with Admission/policy tools (OPA/Gatekeeper, Kyverno), image scanning (Trivy, Aqua, Prisma, Clair), SBOM (CycloneDX).
Kubernetes security benchmarks (CIS), Pod Security standards, runtime protection.
Infrastructure as Code & Automation: Terraform, Bicep/ARM, Helm; GitHub Actions/Azure DevOps pipelines.
Logging/Monitoring: Experience with centralized logging and metrics for containers (e.g., Prometheus, Grafana, ELK/EFK).
Compliance & Assurance: Experience mapping controls to frameworks (CIS, NIST CSF, ISO 27001, PCI, SOC 2) for containerized workloads.
Certifications (nice to have): AZ‑500, CKA/CKS, Security+, CISSP, CCSP.
Core Competencies
Technical Depth & Pragmatism: Balances strong security posture with developer productivity and uptime.
Problem Solving: Able to diagnose complex production issues across networking, policy, identity, and runtime.
Communication: Explains trade‑offs, documents clearly, and influences stakeholders.
Ownership & Autonomy: Drives initiatives end to end—requirements, build, deploy, monitor, and improve.
Equal Opportunity Employer Dexian is an Equal Opportunity Employer that recruits and hires qualified candidates without regard to race, religion, sex, sexual orientation, gender identity, age, national origin, ancestry, citizenship, disability, or veteran status.
#J-18808-Ljbffr