Product Security Engineer (Kubernetes )

Company Description

Mirantis is an open cloud company that helps organizations achieve digital self determination by giving them complete control over their strategic infrastructure. The company combines intelligent automation and cloud-native expertise for managing and operating virtual machines, containers, Kubernetes, and cloud environments.

We empower developers and innovators to create extraordinary products and services by automating the discovery, integration, and operation of the best cloud and open source technologies for their unique needs.

https://www.mirantis.com/

Job Description

We are seeking a talented and experienced Product Security Engineer specializing in Kubernetes to join our team in Poznań, Poland. In this role, you will be responsible for ensuring the security of our containerized environments and Kubernetes clusters, conducting penetration testing, and driving our security initiatives forward.

• Perform penetration testing on Kubernetes workloads and containerized environments to identify and address vulnerabilities
• Strengthen the security of Kubernetes clusters by evaluating configurations, implementing best practices, and addressing runtime security concerns
• Prioritize and remediate vulnerabilities across Kubernetes clusters and related components, collaborating closely with engineering teams
• Drive efforts to meet and maintain industry security certifications (e.g., SOC 2, ISO 27001) and ensure alignment with Kubernetes security benchmarks
• Work cross-functionally with product and engineering teams to embed security throughout the development lifecycle
• Create and maintain a long-term security strategy that addresses emerging threats and aligns with company-wide security initiatives
• Monitor developments in Kubernetes security and implement relevant improvements
• Support sales and customer teams by explaining security features and addressing customer concerns about security or compliance
• Contribute to the development of secure coding practices and provide feedback on vulnerability fixes

Qualifications

• Minimum of 5 years of experience in application security, penetration testing, or a related role, with a focus on Kubernetes or containerized environments
• Deep understanding of Kubernetes architecture, including components like kubelet, kube-apiserver, etcd, and networking within Kubernetes clusters
• Proven ability to conduct penetration tests in Kubernetes and containerized environments, identifying and remediating vulnerabilities
• Strong programming or scripting skills (e.g., Python, Go) for automating security testing and remediation in Kubernetes environments
• Experience with cloud platforms (AWS, Azure, GCP) and their Kubernetes offerings (e.g., EKS, AKS, GKE)
• Knowledge of compliance standards and security frameworks relevant to Kubernetes environments
• Familiarity with DevSecOps practices and CI/CD pipeline security integration
• Excellent communication skills for engaging with internal stakeholders and external customers
• Analytical mindset with a detail-oriented approach to problem-solving
• Collaborative spirit and ability to work effectively in cross-functional teams

Preferred Certifications:

• Offensive Security Certified Professional (OSCP)
• GIAC Kubernetes and Cloud-Native Security (GKS)
• Certified Kubernetes Security Specialist (CKS)
• Offensive Security Web Expert (OSWE)
• GIAC Web Application Penetration Tester (GWAPT)

Additional Qualifications:

• Experience contributing to or maintaining open-source Kubernetes-related projects
• Proven track record of implementing innovative security solutions in complex environments

Additional Information

What does Mirantis offer you?

• Work with an established Silicon Valley leader in the cloud infrastructure industry.
• Work with exceptionally passionate, talented and engaging colleagues, helping Fortune 500 and Global 2000 customers implement next-generation cloud technologies.
• Be a part of cutting-edge, open-source innovation.
• Thrive in the high-energy environment of a young company where openness, collaboration, risk-taking, and continuous growth are valued.
• Receive a competitive compensation package with strong benefits plan

We are a Leader for Container Management in G2 (#2 after AWS)!