Cybersecurity Cloud Engineer: Container Security

Software Guidance & Assistance, Inc., (SGA), is searching for a Cybersecurity Cloud Engineer: Container Security for a contract/right to hire/direct placement assignment with one of our premier Infrastructure services clients in La Vista (Omaha), NE, Atlanta, GA, Scottsdale, AZ, St Petersburg, FL, or Oakdale, MN.

Responsibilities :

• Seeking a hands-on Cyber Security Engineer with a strong focus on container security to develop standards/policies, design and implement controls, and support operationalization of security measures across our estate. You'll work across both Windows and Linux platforms, with a minimum of 3+ years practical experience in Docker and Kubernetes. The role requires a self-starter who can work independently, produce clear documentation, and contribute to our broader cybersecurity initiatives. Azure experience is preferred.
• Standards & Policy Development
  • Author, maintain, and socialize container security standards, baseline configurations, and operational runbooks.
  • Define control requirements for Kubernetes clusters and Docker runtimes (networking, RBAC, secrets, compliance, logging).
• Control Design & Implementation
  • Engineer and deploy container-specific security controls across the estate (on-prem & cloud), including:
    • Kubernetes RBAC, NetworkPolicies, PodSecurity standards (or replacements), admission controls (OPA/Gatekeeper/Kyverno).
    • Image security (registry governance, signing/verification, SBOM, vulnerability management).
    • Runtime protection (CIS benchmarks, syscall/behavior policies, workload isolation, secrets management).
    • Secure CI/CD integrations (image scanning gates, IaC security checks, policy-as-code).
• Operational Support
  • Own day-to-day health and performance of deployed controls; troubleshoot issues with clusters, workloads, and pipelines.
  • Partner with platform engineering/SRE to triage, remediate, and tune policies without breaking delivery velocity.
• Documentation & Enablement
  • Produce clear, actionable documentation: standards, architecture diagrams, procedures, FAQs, and "how-to" guides.
  • Provide guidance and training to engineering teams to adopt secure-by-default patterns.
• Broader Cybersecurity Support
  • Contribute to vulnerability management, incident response (for containerized workloads), audit support, and control assurance.
  • Participate in threat modeling for new services and changes.
• Day to day work load: Check the SCRUM board for ready work items, attend meetings with stakeholders, collaborate with security and infrastructure team members.

Required Skills:

• OS Expertise: Proficient in both Windows and Linux administration and security fundamentals.
• Containers: 3+ years hands-on experience with Docker and Kubernetes (design, deployment, security hardening).
• Security Engineering: Proven ability to design, implement, and operationalize technical controls in production environments.
• Networking & Access Control: Solid grasp of container networking (CNI), service-to-service policies, identity/RBAC, and secrets handling.
• DevSecOps Mindset: Experience integrating security into CI/CD (e.g., image scanning, policy gates, IaC checks).
• Documentation: Strong technical writing skills (standards, procedures, diagrams).
• Work Style: Able to work independently with minimal oversight; strong ownership and follow-through.
• Technical Depth & Pragmatism: Balances strong security posture with developer productivity and uptime.
• Problem Solving: Able to diagnose complex production issues across networking, policy, identity, and runtime.
• Communication: Explains trade-offs, documents clearly, and influences stakeholders.
• Ownership & Autonomy: Drives initiatives end to end-requirements, build, deploy, monitor, and improve.

Preferred Skills:

• Certifications: AZ- 500, AZ-700, SC-200, SC-100
• Cloud: Experience with Microsoft Azure (AKS, ACR, Azure Defender/Defender for Cloud, Key Vault, Azure Policy).
• Security Tools & Frameworks: Familiarity with:
• Admission/policy tools (OPA/Gatekeeper, Kyverno), image scanning (Trivy, Aqua, Prisma, Clair), SBOM (CycloneDX).
• Kubernetes security benchmarks (CIS), Pod Security standards, runtime protection.
• Infrastructure as Code & Automation: Terraform, Bicep/ARM, Helm; GitHub Actions/Azure DevOps pipelines.
• Logging/Monitoring: Experience with centralized logging and metrics for containers (e.g., Prometheus, Grafana, ELK/EFK).
• Compliance & Assurance: Experience mapping controls to frameworks (CIS, NIST CSF, ISO 27001, PCI, SOC 2) for containerized workloads.
• Certifications (nice to have): AZ-500, CKA/CKS, Security+, CISSP, CCSP.

SGA is a technology and resource solutions provider driven to stand out. We are a women-owned business. Our mission: to solve big IT problems with a more personal, boutique approach. Each year, we match consultants like you to more than 1,000 engagements. When we say let's work better together, we mean it. You'll join a diverse team built on these core values: customer service, employee development, and quality and integrity in everything we do. Be yourself, love what you do and find your passion at work. Please find us at .

SGA is an Equal Opportunity Employer and does not discriminate on the basis of Race, Color, Sex, Sexual Orientation, Gender Identity, Religion, National Origin, Disability, Veteran Status, Age, Marital Status, Pregnancy, Genetic Information, or Other Legally Protected Status. We are committed to providing access, equal opportunity, and reasonable accommodation for individuals with disabilities in employment, and our services, programs, and activities. Please visit our company to request an accommodation or assistance regarding our policy.