TrustedSec · 5 hours ago
Kubernetes Cloud Pentester / Security Consultant
Consulting, Information Services
No H1B
Responsibilities
Conduct penetration testing and vulnerability assessments of Kubernetes environments, identifying misconfigurations, flaws, and weaknesses.
Simulate real-world attacks against containerized applications and underlying infrastructure.
Perform security audits and hardening of Kubernetes clusters.
Develop custom scripts and tooling to automate security testing.
Collaborate with DevOps and Cloud Engineering teams to remediate vulnerabilities and enforce best practices.
Document findings and create detailed security reports, outlining risks, recommended remediations, and improvements.
Stay up to date on the latest security trends, vulnerabilities, and techniques in Kubernetes and cloud infrastructure.
Working under the guidance of senior consultants, perform small to medium-sized security assessments and risk analyses of clients' facilities, systems, and processes to identify vulnerabilities and potential threats.
Utilize various security assessment tools and methodologies to evaluate the effectiveness of existing security measures and recommend improvements.
Collaborate with clients to develop and implement strategic security plans tailored to their unique needs and risks.
Provide guidance on security best practices, policies, and procedures to enhance the overall security posture of the organization.
Develop and deliver training programs to educate clients' staff on security protocols, emergency response, and risk mitigation strategies, under guidance of senior security consultants.
Raise awareness of security threats and vulnerabilities to ensure proactive measures are taken to prevent security breaches.
Stay up to date with the latest security trends, threats, and technologies to provide informed recommendations to clients.
Advise on the selection and deployment of appropriate security tools and technologies to enhance the clients' security infrastructure.
Build strong client relationships by effectively communicating security findings, recommendations, and solutions in a clear and professional manner.
Act as a trusted advisor, providing ongoing guidance and support to clients to help them navigate evolving security challenges.
Qualifications
Required
2-4 years proven experience in Kubernetes administration and architecture, or experience with pentesting Kubernetes is required.
Hands-on experience with one or more cloud platforms (AWS, GCP, Azure) is required.
Strong knowledge of Kubernetes security features such as network policies, secrets management, role-based access control (RBAC), and service mesh security.
Proficiency in scripting and automation (Bash, Python, Go, etc.) for security testing and exploitation.
Thorough understanding of and familiarity with information security frameworks (PTES, Add others), compliance requirements, and industry standards.
Network penetration testing (external and internal), to include exploitation and lateral movement, above and beyond running automated tools.
Proficiency in security assessment tools and methodologies.
Strong project management and client facing skills.
Analytical, problem solving and communication skills.
Ability to work independently and collaboratively within a team environment.
Ability to handle confidential and sensitive information with integrity and professionalism.
Preferred
Background as a Kubernetes administrator or cloud engineer.
Certifications in cloud security (e.g., Certified Kubernetes Security Specialist (CKS), Cloud Security Alliance CCSK, CompTIA Cloud+, etc.).
Knowledge of Infrastructure as Code (IaC) tools such as Terraform, Helm, or Ansible for deploying secure Kubernetes clusters.
Experience with security monitoring and alerting in Kubernetes environments.
Understanding of CI/CD pipelines and DevSecOps practices.
Benefits
Medical, vision, and dental coverage
401(k) with company matching
Generous paid time-off/holidays
Quarterly performance-based bonus program
Training/conference budget
Relevant industry certification reimbursement
Employer-sponsored identity theft monitoring
Employer-sponsored life insurance, as well as short-term and long-term disability coverage with buy up options
Plentiful meme sharing
Company
TrustedSec
TrustedSec is an American company that offers information security assessment and consulting services.
Funding
Current Stage
Growth Stage
Recent News
ScripType Publishing
2023-12-25
Business Journals
2022-04-29
Company data provided by crunchbase