Sr. Kubernetes Security Engineer jobs in United States
cer-icon
Apply on Employer Site
company-logo

Capgemini · 11 hours ago

Sr. Kubernetes Security Engineer

positionIrving, TX
timeFull-time
remoteOnsite
senioritySenior Level, Lead/Staff
money$108K/yr - $148K/yr
date8+ years exp

Capgemini is a global business and technology transformation partner, and they are seeking a Sr. Kubernetes Security Engineer to support the aerospace industry. The role focuses on hardening Kubernetes clusters, enforcing security measures, and collaborating with teams to build secure infrastructure.

ConsultingInformation TechnologyInsurTechIT ManagementSoftware
check
H1B Sponsor Likelynote

Responsibilities

Architect and deploy security-first Kubernetes cluster configurations across diverse hardware platforms, including x86, ARM, and accelerators
Enforce Linux security modules (SELinux, AppArmor) and sandboxing techniques (seccomp, gVisor, Kata) to protect workloads and system services
Integrate TPM for secure boot and attestation, ensuring hardware and OS integrity, and support cryptographic operations with HSM/KMS systems
Design multi-tenant isolation strategies using namespaces, node pools, and hardware partitioning to prevent lateral movement and reduce blast radius
Apply least-privilege policies using RBAC, PodSecurityStandards, NetworkPolicies, and resource constraints to secure workload execution and mitigate denial-of-service risks
Harden Kubernetes components (API server, etcd, kubelet) using CIS and NSA benchmarks, and implement kernel-level protections like seccomp-bpf and IMA/EVM
Secure workload secrets using TPM-backed storage and tools like SealedSecrets, HashiCorp Vault, or SOPS for safe distribution and access control
Strengthen supply chain security through image signing (cosign, Notary), SBOM scanning, and CI/CD vulnerability management
Monitor runtime behavior with tools like Falco and Cilium Tetragon, and collaborate with SRE and Security teams to develop incident response runbooks and conduct breach simulation drills

Qualification

Kubernetes internalsLinux security featuresTPM integrationPod Security frameworksRuntime security toolsMulti-tenant isolationSupply chain securityCollaborationProblem-solvingCommunication

Required

Bachelor's degree in Computer Science, Engineering, or a related technical field, with 8–10 years of experience in infrastructure, security, or systems engineering
Deep expertise in Kubernetes internals, including cluster hardening, multi-tenant isolation, and security architecture
Advanced proficiency in Linux security features such as SELinux, AppArmor, seccomp, and kernel-level protections
Hands-on experience with TPM for secure boot, attestation, and integration with HSM/KMS for cryptographic operations and secrets management
Strong understanding of Pod Security frameworks (PodSecurityStandards, OPA, Gatekeeper, Kyverno) and implementation of RBAC, NetworkPolicies, and workload isolation at scale
Familiarity with container runtimes (containerd, CRI-O, gVisor, Kata) and their security implications in hybrid environments
Experience with runtime and supply chain security tools and frameworks, including Falco, Cilium Tetragon, cosign, Notary, SLSA, and NIST 800-190
Knowledge of confidential computing (TEE, SGX, SEV), air-gapped deployments, and hardened Linux distributions like Flatcar and Bottlerocket

Benefits

Paid time off based on employee grade (A-F), defined by policy: Vacation: 12-25 days, depending on grade, Company paid holidays, Personal Days, Sick Leave
Medical, dental, and vision coverage (or provincial healthcare coordination in Canada)
Retirement savings plans (e.g., 401(k) in the U.S., RRSP in Canada)
Life and disability insurance
Employee assistance programs
Other benefits as provided by local policy and eligibility

Company

Capgemini

twittertwittertwitter
Glassdoor3.9
company-logo
Capgemini is a software company that provides consulting, technology, and digital transformation services.
dateFounded in 1967
location
Paris, Ile-de-France, FRA
people-size10001+ employees
web-link
https://www.capgemini.com

H1B Sponsorship

Capgemini has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2025 (2228)
2024 (3016)
2023 (3425)
2022 (4392)
2021 (3311)
2020 (5871)

Funding

Current Stage
Public Company
Total Funding
$4.72B
2025-09-18Post Ipo Debt· $4.72B
1999-04-01IPO

Leadership Team

leader-logo
Aiman Ezzat
CEO, Capgemini Group
linkedin
leader-logo
Anirban Bose
CEO of Americas Strategic Business Unit
linkedin

Recent News

The Register
Europe's cloud challenge: Building an Airbus for the digital age
2025-12-30
Livemint.com
Cross-border deals go bigger and bolder—2026 promises more
2025-12-29
IndiaTimes
India's tech M&As on a three-year high with deal value touching $29 billion
2025-12-29
Company data provided by crunchbase