"Alerted.org

Job Title, Industry, Employer
City & State or Zip Code
20 mi
  • 0 mi
  • 5 mi
  • 10 mi
  • 20 mi
  • 50 mi
  • 100 mi
Advanced Search

Advanced Search

Cancel
Remove
+ Add search criteria
City & State or Zip Code
20 mi
  • 0 mi
  • 5 mi
  • 10 mi
  • 20 mi
  • 50 mi
  • 100 mi
Related to

  • Sr. Kubernetes Security & Isolation Engineer

    Capgemini (Portland, OR)



    Apply Now

    About the job you're considering

     

    Are you passionate about securing the future of cloud-native infrastructure in mission-critical environments? Join our team in Portland, OR, as a Kubernetes K3s Security & Isolation Engineer supporting the aerospace industry, where security, reliability, and precision are paramount. In this onsite role, you’ll focus on hardening and isolating K3s clusters to minimize blast radius in the event of compromise. This includes enforcing Linux security modules like SELinux and AppArmor, leveraging Trusted Platform Module (TPM) for secure boot and attestation, implementing least privilege across nodes and workloads, and ensuring multi-tenant isolation within hybrid Kubernetes environments—spanning x86, ARM, and accelerator-based architectures. You’ll work hands-on with cutting-edge technologies and collaborate with cross-functional teams to build resilient, secure infrastructure that supports aerospace innovation.

    Your role

    + Architect and deploy security-first Kubernetes K3s cluster configurations across diverse hardware platforms, including x86, ARM, and accelerators.

    + Enforce Linux security modules (SELinux, AppArmor) and sandboxing techniques (seccomp, gVisor, Kata) to protect workloads and system services.

    + Integrate TPM for secure boot and attestation, ensuring hardware and OS integrity, and support cryptographic operations with HSM/KMS systems.

    + Design multi-tenant isolation strategies using namespaces, node pools, and hardware partitioning to prevent lateral movement and reduce blast radius.

    + Apply least-privilege policies using RBAC, PodSecurityStandards, NetworkPolicies, and resource constraints to secure workload execution and mitigate denial-of-service risks.

    + Harden Kubernetes components (API server, etcd, kubelet) using CIS and NSA benchmarks, and implement kernel-level protections like seccomp-bpf and IMA/EVM.

    + Secure workload secrets using TPM-backed storage and tools like SealedSecrets, HashiCorp Vault, or SOPS for safe distribution and access control.

    + Strengthen supply chain security through image signing (cosign, Notary), SBOM scanning, and CI/CD vulnerability management.

    + Monitor runtime behavior with tools like Falco and Cilium Tetragon, and collaborate with SRE and Security teams to develop incident response runbooks and conduct breach simulation drills.

    Your skills and experience

    + Bachelor’s degree in Computer Science, Engineering, or a related technical field, with 8–10 years of experience in infrastructure, security, or systems engineering.

    + Deep expertise in Kubernetes (especially K3s) internals, including cluster hardening, multi-tenant isolation, and security architecture.

    + Advanced proficiency in Linux security features such as SELinux, AppArmor, seccomp, and kernel-level protections.

    + Hands-on experience with TPM for secure boot, attestation, and integration with HSM/KMS for cryptographic operations and secrets management.

    + Strong understanding of Pod Security frameworks (PodSecurityStandards, OPA, Gatekeeper, Kyverno) and implementation of RBAC, NetworkPolicies, and workload isolation at scale.

    + Familiarity with container runtimes (containerd, CRI-O, gVisor, Kata) and their security implications in hybrid environments.

    + Experience with runtime and supply chain security tools and frameworks, including Falco, Cilium Tetragon, cosign, Notary, SLSA, and NIST 800-190.

    + Knowledge of confidential computing (TEE, SGX, SEV), air-gapped deployments, and hardened Linux distributions like Flatcar and Bottlerocket.

     

    Life at Capgemini

     

    Capgemini supports all aspects of your well-being throughout the changing stages of your life and career. For eligible employees, we offer:

     

    + Flexible work

    + Healthcare including dental, vision, mental health, and well-being programs

    + Financial well-being programs such as 401(k) and Employee Share Ownership Plan

    + Paid time off and paid holidays

    + Paid parental leave

    + Family building benefits like adoption assistance, surrogacy, and cryopreservation

    + Social well-being benefits like subsidized back-up child/elder care and tutoring

    + Mentoring, coaching and learning programs

    + Employee Resource Group

    + Disaster Relief

     

    About Capgemini Engineering

     

    World leader in engineering and R&D services, Capgemini Engineering combines its broad industry knowledge and cutting-edge technologies in digital and software to support the convergence of the physical and digital worlds. Coupled with the capabilities of the rest of the Group, it helps clients to accelerate their journey towards Intelligent Industry. Capgemini Engineering has 65,000 engineer and scientist team members in over 30 countries across sectors including Aeronautics, Space, Defense, Naval, Automotive, Rail, Infrastructure & Transportation, Energy, Utilities & Chemicals, Life Sciences, Communications, Semiconductor & Electronics, Industrial & Consumer, Software & Internet.

     

    Capgemini Engineering is an integral part of the Capgemini Group, a global business and technology transformation partner, helping organizations to accelerate their dual transition to a digital and sustainable world, while creating tangible impact for enterprises and society. It is a responsible and diverse group of 340,000 team members in more than 50 countries. With its strong over 55-year heritage, Capgemini is trusted by its clients to unlock the value of technology to address the entire breadth of their business needs. It delivers end-to-end services and solutions leveraging strengths from strategy and design to engineering, all fueled by its market leading capabilities in AI, generative AI, cloud and data, combined with its deep industry expertise and partner ecosystem. The Group reported 2024 global revenues of €22.1 billion.

     

    Get the future you want |** **www.capgemini.com

     

    Disclaimer

     

    Capgemini is an Equal Opportunity Employer encouraging inclusion in the workplace. All qualified applicants will receive consideration for employment without regard to race, national origin, gender identity/expression, age, religion, disability, sexual orientation, genetics, veteran status, marital status or any other characteristic protected by law. This is a general description of the Duties, Responsibilities and Qualifications required for this position. Physical, mental, sensory or environmental demands may be referenced in an attempt to communicate the manner in which this position traditionally is performed. Whenever necessary to provide individuals with disabilities an equal employment opportunity, Capgemini will consider reasonable accommodations that might involve varying job requirements and/or changing the way this job is performed, provided that such accommodations do not pose an undue hardship.

     

    Capgemini is committed to providing reasonable accommodations during our recruitment process. If you need assistance or accommodation, please reach out to your recruiting contact.Please be aware that Capgemini may capture your image (video or screenshot) during the interview process and that image may be used for verification, including during the hiring and onboarding process.Click the following link for more information on your rights as an Applicant http://www.capgemini.com/resources/equal-employment-opportunity-is-the-law Applicants for employment in the US must have valid work authorization that does not now and/or will not in the future require sponsorship of a visa for employment authorization in the US by Capgemini.

     

    **Job:** _Developer_

    **Organization:** _ERD PPL US_

    **Title:** _Sr. Kubernetes Security & Isolation Engineer_

    **Location:** _OR-Portland_

    **Requisition ID:** _081871_

     


    Apply Now



Recent Searches

  • Licensed Practical Nurse 9S (United States)
[X] Clear History

Recent Jobs

  • Sr. Kubernetes Security & Isolation Engineer
    Capgemini (Portland, OR)
[X] Clear History

Account Login

Cancel
 
Forgot your password?

Not a member? Sign up

Sign Up

Cancel
 

Already have an account? Log in
Forgot your password?

Forgot your password?

Cancel
 
Enter the email associated with your account.

Already have an account? Sign in
Not a member? Sign up

© 2025 Alerted.org