Job Description

About the Role

We’re looking for a Container Security Engineer who is passionate about securing cloud-native applications and containers across environments. The ideal candidate will be responsible for identifying and mitigating vulnerabilities in container images, collaborating closely with application and platform teams, and automating security processes across CI/CD pipelines.

You’ll play a key role in improving the overall container security posture — from image scanning to remediation and compliance enforcement — while ensuring minimal disruption to developer workflows.

Key Responsibilities

• Perform container image scanning using tools such as Snyk, Wiz to identify vulnerabilities.
• Collaborate with application and DevOps teams to analyze scan results, prioritize findings, and guide remediation.
• Integrate container image scanning into CI/CD pipelines (e.g., GitHub Actions, GitLab CI, Jenkins).
• Develop and maintain automation scripts in Python or Shell for reporting, alerting, and compliance tracking.
• Enforce container security best practices such as:
• Least privilege and minimal base images
• Secure image registries (private registries, signed images)
• Regular patching and dependency management
• Work with Cloud Security and DevOps teams to ensure container runtime protection, policy compliance, and vulnerability management across AWS, GCP, or Azure .
• Support the development and enforcement of OPA Gatekeeper , Kyverno , or other admission controller policies in Kubernetes clusters.
• Contribute to improving DevSecOps pipelines and participate in threat modeling for containerized workloads.

Required Skills & Qualifications

• 3–8 years of experience in Cloud Security , DevSecOps , or Container Security .
• Strong understanding of Docker , Kubernetes , and container lifecycle management.
• Proficiency in Python or Shell scripting for automation and reporting.
• Experience with at least one major cloud provider ( AWS, GCP, or Azure ).
• Familiarity with CI/CD tools and Git-based repositories (GitHub, GitLab, Bitbucket).
• Understanding of vulnerability scoring (CVSS), remediation workflows, and container hardening standards (CIS Benchmarks).

Preferred Qualifications

• Experience implementing OPA Gatekeeper or Kyverno for Kubernetes policy enforcement.
• Knowledge of Infrastructure as Code security (Terraform, CloudFormation).
• Familiarity with SBOM (Software Bill of Materials) and supply chain security practices.
• Exposure to runtime security tools (Sysdig Secure, Wiz etc.).
• Certifications such as CKA, CKAD, or KCNA , or cloud certifications (AWS Security Specialty, GCP Security Engineer, etc.) are a plus.

Soft Skills

• Strong collaboration and communication skills.
• Ability to interpret vulnerability reports and translate them into actionable guidance for developers.
• Self-starter with problem-solving and analytical mindset.

Job Tags

Similar Jobs