Company Description
Mirantis is an open cloud company that helps organizations achieve digital self determination by giving them complete control over their strategic infrastructure. The company combines intelligent automation and cloud-native expertise for managing and operating virtual machines, containers, Kubernetes, and cloud environments.
We empower developers and innovators to create extraordinary products and services by automating the discovery, integration, and operation of the best cloud and open source technologies for their unique needs.
https://www.mirantis.com/
Job Description
Main Responsibilities
- Kubernetes and Container Security:
- Perform penetration testing on Kubernetes workloads and containerized environments, identifying and addressing vulnerabilities specific to these systems.
- Strengthen the security of Kubernetes clusters by evaluating configurations, implementing best practices (e.g., RBAC, network policies), and addressing runtime security concerns.
- Vulnerability Management:
- Prioritize and remediate vulnerabilities across Kubernetes clusters and related components, working closely with engineering teams to deliver secure solutions.
- Help establish secure coding practices and provide feedback on fixes for identified vulnerabilities.
- Compliance and Standards:
- Drive efforts to meet and maintain industry security certifications (e.g., SOC 2, ISO 27001) and ensure alignment with Kubernetes security benchmarks.
- Assist with audit preparations by providing technical expertise and documentation.
- Cross-Team Collaboration:
- Work with product and engineering teams to embed security throughout the development lifecycle.
- Support sales and customer teams by explaining security features and addressing customer concerns about security or compliance.
- Building for the Future:
- Create and maintain a long-term security strategy that addresses emerging threats and aligns with company-wide security initiatives.
- Monitor developments in Kubernetes security and implement relevant improvements
Qualifications
Qualifications and Experience Requirements
- Essential Qualifications:
- At least 5 years of experience in application security, penetration testing, or a related role, with a focus on Kubernetes or containerized environments.
- Deep understanding of Kubernetes architecture, including components like kubelet, kube-apiserver, etcd, and networking within Kubernetes clusters.
- Experience securing containerized applications, Kubernetes workloads, and orchestration platforms.
- Proven ability to conduct penetration tests in Kubernetes and containerized environments, identifying and remediating vulnerabilities.
- Preferred Certifications:
- Offensive Security Certified Professional (OSCP).
- GIAC Kubernetes and Cloud-Native Security (GKS).
- Certified Kubernetes Security Specialist (CKS).
- Offensive Security Web Expert (OSWE).
- GIAC Web Application Penetration Tester (GWAPT).
- Preferred Qualifications:
- Strong programming or scripting skills (e.g., Python, Go) for automating security testing and remediation in Kubernetes environments.
- Knowledge of cloud platforms (AWS, Azure, GCP) and their Kubernetes offerings (e.g., EKS, AKS, GKE).
- Experience contributing to or maintaining open-source Kubernetes-related projects.
- Excellent communication skills for engaging with internal stakeholders and external customers.
Additional Information
What does Mirantis offer you?
- Work with an established Silicon Valley leader in the cloud infrastructure industry.
- Work with exceptionally passionate, talented and engaging colleagues, helping Fortune 500 and Global 2000 customers implement next-generation cloud technologies.
- Be a part of cutting-edge, open-source innovation.
- Thrive in the high-energy environment of a young company where openness, collaboration, risk-taking, and continuous growth are valued.
- Receive a competitive compensation package with strong benefits plan
We are a Leader for Container Management in G2 (#2 after AWS)!
I’m interested
We are a Leader for Container Management in G2 (#2 after AWS)!
Read Full Description