Job description

The Security Engineer at MPL will focus on ensuring the security and compliance of cloud-native applications and infrastructure, particularly with Kubernetes, container security, and automation. They are expected to integrate security practices into DevOps, automate security protocols, and advocate for security awareness.

Responsibility

• Assess and enhance the security of our Kubernetes clusters.
• Implement best practices for securing Kubernetes deployments.
• Monitor Kubernetes resources for security vulnerabilities and misconfigurations.
• Evaluate and implement container security solutions to protect containerized applications.
• Conduct regular vulnerability assessments and penetration testing of container images.
• Ensure container image scanning and runtime security.
• Collaborate closely with DevOps and development teams to integrate security into the CI/CD pipeline.
• Automate security testing and compliance checks within the development and deployment workflows.
• Promote a culture of security awareness and ownership among development teams.
• Develop and maintain automated security tooling and scripts to streamline security operations.
• Create and maintain security policies as code (Infrastructure as Code) for cloud resources.
• Continuously improve security incident response and automation processes.
• Ensure compliance with relevant security standards and regulations (e.g., CIS benchmarks, GDPR, HIPAA).
• Perform regular audits and assessments to identify and address compliance gaps.
• Collaborate with incident response teams to investigate and respond to security incidents.
• Contribute to post-incident analysis and remediation efforts.
• Document security procedures, guidelines, and best practices.
• Provide security training and guidance to other teams as needed.

Qualifications

• Bachelor's degree in Computer Science, Information Security, or related field (or equivalent work experience).
• Proven experience as a Security Engineer with a focus on Kubernetes, container, DevSecOps, and automation.
• Strong knowledge of containerization technologies (Docker, Kubernetes).
• Familiarity with cloud security principles (AWS, Azure, GCP).
• Proficiency in scripting and automation using languages such as Python, Bash, or Go.
• Experience with security scanning tools (e.g., Clair, Trivy, SonarQube, Twistlock).
• Knowledge of DevOps practices and tools (e.g., Jenkins, GitLab CI/CD).
• Excellent problem-solving and communication skills.
• Relevant certifications (e.g., Certified Kubernetes Security Specialist, Certified DevSecOps Engineer) are a plus.