Kubernetes Security Engineer jobs in United States

Capgemini Engineering · 17 hours ago

Kubernetes Security Engineer

Capgemini Engineering is a leader in engineering services, seeking a Kubernetes Security Engineer to support the aerospace industry. In this role, you will focus on securing cloud-native infrastructure, hardening Kubernetes clusters, and ensuring the reliability and security of mission-critical environments.

Consulting · Mechanical Engineering · Information Technology · Information Services · Innovation Management
H1B Sponsor Likely

Responsibilities

Architect and deploy security-first Kubernetes cluster configurations across diverse hardware platforms, including x86, ARM, and accelerators
Enforce Linux security modules (SELinux, AppArmor) and sandboxing techniques (seccomp, gVisor, Kata) to protect workloads and system services
Integrate TPM for secure boot and attestation, ensuring hardware and OS integrity, and support cryptographic operations with HSM/KMS systems
Design multi-tenant isolation strategies using namespaces, node pools, and hardware partitioning to prevent lateral movement and reduce blast radius
Apply least-privilege policies using RBAC, PodSecurityStandards, NetworkPolicies, and resource constraints to secure workload execution and mitigate denial-of-service risks
Harden Kubernetes components (API server, etcd, kubelet) using CIS and NSA benchmarks, and implement kernel-level protections like seccomp-bpf and IMA/EVM
Secure workload secrets using TPM-backed storage and tools like SealedSecrets, HashiCorp Vault, or SOPS for safe distribution and access control
Strengthen supply chain security through image signing (cosign, Notary), SBOM scanning, and CI/CD vulnerability management
Monitor runtime behavior with tools like Falco and Cilium Tetragon, and collaborate with SRE and Security teams to develop incident response runbooks and conduct breach simulation drills

Qualification

Kubernetes internals · Linux security features · TPM integration · Pod Security frameworks · Runtime security tools · Supply chain security · Confidential computing · Collaboration skills · Problem-solving skills · Communication skills

Required

Bachelor's degree in Computer Science, Engineering, or a related technical field, with 8–10 years of experience in infrastructure, security, or systems engineering
Deep expertise in Kubernetes internals, including cluster hardening, multi-tenant isolation, and security architecture
Advanced proficiency in Linux security features such as SELinux, AppArmor, seccomp, and kernel-level protections
Hands-on experience with TPM for secure boot, attestation, and integration with HSM/KMS for cryptographic operations and secrets management
Strong understanding of Pod Security frameworks (PodSecurityStandards, OPA, Gatekeeper, Kyverno) and implementation of RBAC, NetworkPolicies, and workload isolation at scale
Familiarity with container runtimes (containerd, CRI-O, gVisor, Kata) and their security implications in hybrid environments
Experience with runtime and supply chain security tools and frameworks, including Falco, Cilium Tetragon, cosign, Notary, SLSA, and NIST 800-190
Knowledge of confidential computing (TEE, SGX, SEV), air-gapped deployments, and hardened Linux distributions like Flatcar and Bottlerocket

Benefits

Paid time off based on employee grade (A-F), defined by policy: vacation (12-25 days, depending on grade), company-paid holidays, personal days, sick leave
Medical, dental, and vision coverage (or provincial healthcare coordination in Canada)
Retirement savings plans (e.g., 401(k) in the U.S., RRSP in Canada)
Life and disability insurance
Employee assistance programs
Other benefits as provided by local policy and eligibility

Company

Capgemini Engineering

Capgemini Engineering is a global innovation and engineering consulting firm.

H1B Sponsorship

Capgemini Engineering has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for your reference. (Data powered by US Department of Labor)
[Chart: Distribution of Different Job Fields Receiving Sponsorship]
Trends of Total Sponsorships
2022 (1)
2021 (12)
2020 (24)

Funding

Current Stage
Public Company
Total Funding
$4M
2019-06-24 · Acquired
2006-09-19 · Post IPO Equity · $4M
1990-01-05 · IPO

Leadership Team

Joao Neiva
Automotive Mobility Experience Offer Leader
Pascal Brier
Group EVP Strategy, Technology & Innovation
Company data provided by crunchbase