The candidate will be instrumental in driving the security initiatives for K8S environments while leveraging their knowledge of OS security to provide a comprehensive security posture.
Responsibilities
Perform vulnerability research on cutting-edge K8S-based platforms and products & the underlaying OS.
Develop and implement proof-of-concept exploits to demonstrate potential risks and work closely with engineering teams to address findings.
Engage in Threat Modelling, Security Code Audits, Fuzzing and in-depth Hardening efforts to improve the overall security of K8S-based platforms\products and underlaying OS.
Collaborate with teams to fortify environments\products against threats, while ensuring alignment with security frameworks.
Required Qualifications:
A minimum of 4 years in offensive security research, with a focus on Kubernetes environments and a strong background in OS (Windows\Linux) Security.
Proven track record in identifying vulnerabilities and implementing hardening strategies.
Deep understanding of OS Security mechanisms.
Familiarity and Experience with Kubernetes Security Controls.
RBAC management, Secrets Storage, Plugins, and Access Controls.
Container Security Configuration (Security Context, Privileged, etc…).
Knowledge and Experience Configuring and Securing Kubernetes Networks.
Calico, Cilium, Network Access Policies, Istio or Similar.
Monitoring and Log Collection.
Understanding of Container Security Boundaries, Image Hardening Practices, and Security Features.
Proficient in programming and scripting, with the ability to develop security tools and automations.
Bachelor's degree in Computer Science, Information Security, or related fields An Advantage.
Certified Kubernetes Security Specialist (CKS) \ Kubernetes and Cloud Native Security Associate (KCSA) Certifications An advantage.
Desired Skills:
Exceptional communication abilities to effectively discuss complex security issues with a variety of audiences.
Team player with a collaborative approach and the capability to work in a dynamic, cross-functional environment.
Commitment to continuous learning, staying abreast of the latest developments in cloud security, Kubernetes, and OS security.
