Remote DevSecOps Engineer - Container Security Specialist

Remotely
Full-time
Are you passionate about embedding security into DevOps practices? We're seeking an experienced DevSecOps professional to strengthen our infrastructure security posture. In this remote role, you'll implement secure configurations across containerized environments and automate critical security tooling. This project offers an excellent opportunity for security-minded engineers to make a significant impact on cloud-native security architecture.

Project Overview

This focused 1-month engagement requires a security specialist to enhance our container and operating system security. You'll be responsible for implementing hardened configurations and integrating automated security scanning throughout our technology stack.

Key Responsibilities

- Design and implement secure Docker container builds (Docker 23.0+), eliminating vulnerabilities and adhering to industry best practices like least privilege and minimal base images.
- Configure hardened Linux environments according to CIS benchmarks (Level 1/2) and security frameworks, focusing on access controls and system hardening.
- Establish secure Kubernetes deployments (v1.28+) with proper RBAC controls, network policies, and pod security contexts to prevent cluster compromise.
- Implement secure configurations for PostgreSQL 16.x, including robust authentication mechanisms, data encryption, and access control policies.
- Configure NGINX with security-focused parameters, including modern TLS protocols (TLS 1.3), cipher suites, and protection against common web vulnerabilities.
- Integrate and automate security tools into CI/CD pipelines, including Trivy (0.47+), Starboard, kube-bench (0.7+), docker-bench, and linux-bench for continuous vulnerability assessment.
- Deploy and configure Semgrep (1.45+) for static code analysis to identify security vulnerabilities early in the development process.
- Create comprehensive documentation for all security configurations and automation processes to ensure knowledge transfer.
- Provide recommendations for ongoing security improvements beyond the project timeline.

Required Skills & Experience

- 3+ years of hands-on experience in DevOps or Security Engineering roles, with specific focus on container and Kubernetes security.
- Demonstrated expertise hardening Docker containers and implementing secure build processes (multi-stage builds, minimal images, non-root users).
- Strong knowledge of Linux security hardening techniques and practical implementation of CIS benchmarks across major distributions.
- Practical experience securing Kubernetes clusters, including implementation of admission controllers, network policies, and security contexts.
- Hands-on experience with PostgreSQL security configuration, including authentication systems and data protection measures.
- Proficiency with NGINX security configuration, including TLS optimization and web application security controls.
- Experience implementing and configuring security scanning tools such as Trivy, kube-bench, and Semgrep within automated pipelines.
- Strong scripting abilities in Bash, Python, or Go for security automation and tooling integration.
- Working knowledge of infrastructure as code principles using tools like Terraform, Ansible, or similar technologies.
- Understanding of common CI/CD platforms (GitHub Actions, Jenkins, GitLab CI) and security integration points.

Nice to Have

- Cloud security experience with AWS, Azure, or GCP security services and configurations.
- Experience with secret management solutions (HashiCorp Vault, AWS Secrets Manager, Kubernetes Secrets).
- Certified Kubernetes Security Specialist (CKS) or equivalent security certifications.
- Knowledge of threat modeling methodologies and practical application to infrastructure design.
- Experience with GitOps workflows and secure deployment practices.
- Familiarity with Zero Trust security models and implementation strategies.
- Background in incident response or security operations roles (enhances understanding of attack vectors).

Why Join This Project

This project offers the perfect opportunity to enhance your DevSecOps portfolio while working with modern containerized architectures. You'll have significant autonomy to implement security best practices, work with cutting-edge security automation tools, and make a measurable impact on infrastructure security. Our flexible remote working arrangement allows you to contribute from anywhere in the world, with competitive compensation based on your experience and expertise. The focused timeline means you'll see your security implementations make an immediate difference.