Responsibilities
- Perform infrastructure security assessments across cloud, containerized, and Kubernetes-based environments.
- Review Infrastructure as Code (Terraform, Bicep, ARM, Helm, Kubernetes manifests, or similar) to identify security risks and misconfigurations.
- Assess CI/CD pipelines, secrets management processes, encryption controls, logging, monitoring, and access management practices.
- Validate Kubernetes and container security controls, including workload isolation, RBAC, network policies, and runtime security.
- Retest remediated findings and verify the effectiveness of implemented controls.
- Produce clear, evidence-based findings, risk assessments, and remediation recommendations.
- Support engineering and architecture teams with practical guidance on infrastructure hardening and secure-by-design principles.
Nice to Have
- Experienced security testers
- Infrastructure, cloud, platform, DevOps, or SRE engineers who are passionate about security and would like to develop their career in security testing