Apply for this Job
Responsible for planning, designing, testing and implementing computer and network security infrastructure design and implementation for project including Cloud-Native container as a service. Required skills - Deep understanding of cloud computing principles, including virtualization, containerization, microservices, and serverless computing; Risk Management, RHCOS security, container security, Kubernetes security, IAM security, network security, auditing, encryption, secrets management and data protection, securing CI/CD
- Analyze environments to identify both technical and operational challenges while making recommendations and developing solutions for improvement
- Lead complex or high severity troubleshooting and incident/problem resolutions with other security or cloud teams
- Maintain knowledge of current developments in cloud, CaaS and cybersecurity, maintaining of threats to It environments
- Bachelor's degree in IT, Cybersecurity or related field or equivalent experience
- 5+ years of experience in Information security with 4+ years of experience in cloud security
- 3+ years of experience of cloud container security experience.
- Experience with cloud infrastructure as code tools such as Terraform, CloudFormation, and Azure Resource Manager.
- Observability: Tracing/Metrics/Logs and Dashboards for Platform and Application workloads (Promethius, Grafana, Vector Openshift logging)
- Experience working in DevSecOps, including knowledge and experience enforcing a secure software development lifecycle.(Github, Gitea, Gitguardian, )
- Experience with static container scanning Trivy, Snyk. sBOM (Bill of Material): Syft/Grype
- Experience with runtime container security, Falco, Red Hat Client
- Experience with Red Hat OpenShift and Openstack cloud platforms, Advanced cluster security, Advanced cluster management
- Experience with Policy/Regulation compliance: OPA, Red Hat Client, Kyverno
- Strong knowledge of hybrid cloud, AWS, GCP, Azure and Kurbenetes
- Service Mesh isolation
- Vulnerability and threat management
- Application pen testing
- Hands on experience with HashiCorp Vault, Cyberark or similar (PAM, secrets, certificate management platform)
- Experience working in DevSecOps, including knowledge and experience enforcing a secure software development lifecycle.
- Static Container Scanning: Trivy, Snyk. sBOM (Bill of Material): Syft/Grype
- Reporting/Observability: Grafana, Prometheus, Red Hat Advanced Cluster Security
Professional certifications CISSP, CEH, CDP (Certified DevSecOps Professional) Date Posted: 21 March 2025
Apply for this Job