Cyber Security Engineer

Cyber Security Engineer – Container Security
Atlanta - GA, 30339

Contract: 9 months (option to convert to direct hire at end of term)

(Contract-to-Hire)



8:00 AM-5:00 PM



Location: Atlanta - GA, La Vista - NE, Oakdale - MN, Scottsdale - AZ, St. Petersburg - FL

Department: Security Engineering & Operations



Role Summary

We're seeking a hands-on Cyber Security Engineer with a strong focus on container security to develop standards/policies, design and implement controls, and support operationalization of security measures across our estate. You'll work across both Windows and Linux platforms, with a minimum of 3+ years practical experience in Docker and Kubernetes. The role requires a self-starter who can work independently, produce clear documentation, and contribute to our broader cybersecurity initiatives. Azure experience is preferred.



Key Responsibilities

Standards & Policy Development Author, maintain, and socialize container security standards, baseline configurations, and operational runbooks. Define control requirements for Kubernetes clusters and Docker runtimes (networking, RBAC, secrets, compliance, logging).

Control Design & Implementation Engineer and deploy container-specific security controls across the estate (on-prem & cloud), including: Kubernetes RBAC, NetworkPolicies, PodSecurity standards (or replacements), admission controls (OPA/Gatekeeper/Kyverno). Image security (registry governance, signing/verification, SBOM, vulnerability management). Runtime protection (CIS benchmarks, syscall/behavior policies, workload isolation, secrets management). Secure CI/CD integrations (image scanning gates, IaC security checks, policy-as-code).

Operational Support Own day-to-day health and performance of deployed controls; troubleshoot issues with clusters, workloads, and pipelines. Partner with platform engineering/SRE to triage, remediate, and tune policies without breaking delivery velocity.

Documentation & Enablement Produce clear, actionable documentation: standards, architecture diagrams, procedures, FAQs, and "how-to” guides. Provide guidance and training to engineering teams to adopt secure-by-default patterns.

Broader Cybersecurity Support Contribute to vulnerability management, incident response (for containerized workloads), audit support, and control assurance. Participate in threat modeling for new services and changes.

Required Qualifications

OS Expertise: Proficient in both Windows and Linux administration and security fundamentals.

Containers: 3+ years hands-on experience with Docker and Kubernetes (design, deployment, security hardening).

Security Engineering: Proven ability to design, implement, and operationalize technical controls in production environments.

Networking & Access Control: Solid grasp of container networking (CNI), service-to-service policies, identity/RBAC, and secrets handling.

DevSecOps Mindset: Experience integrating security into CI/CD (e.g., image scanning, policy gates, IaC checks).

Documentation: Strong technical writing skills (standards, procedures, diagrams).

Work Style: Able to work independently with minimal oversight; strong ownership and follow-through.

Preferred Qualifications

Cloud: Experience with Microsoft Azure (AKS, ACR, Azure Defender/Defender for Cloud, Key Vault, Azure Policy).

Security Tools & Frameworks: Familiarity with: Admission/policy tools (OPA/Gatekeeper, Kyverno), image scanning (Trivy, Aqua, Prisma, Clair), SBOM (CycloneDX). Kubernetes security benchmarks (CIS), Pod Security standards, runtime protection.

Infrastructure as Code & Automation: Terraform, Bicep/ARM, Helm; GitHub Actions/Azure DevOps pipelines.

Logging/Monitoring: Experience with centralized logging and metrics for containers (e.g., Prometheus, Grafana, ELK/EFK).

Compliance & Assurance: Experience mapping controls to frameworks (CIS, NIST CSF, ISO 27001, PCI, SOC 2) for containerized workloads.

Certifications (nice to have): AZ-500, CKA/CKS, Security+, CISSP, CCSP.

Core Competencies

Technical Depth & Pragmatism: Balances strong security posture with developer productivity and uptime.

Problem Solving: Able to diagnose complex production issues across networking, policy, identity, and runtime.

Communication: Explains trade-offs, documents clearly, and influences stakeholders.

Ownership & Autonomy: Drives initiatives end to end—requirements, build, deploy, monitor, and improve.