What are the responsibilities and job description for the Open Source Software Engineer - Container Security position at Oteemo, Inc?
Company Description
We are a leading-edge technology consulting firm committed to empowering organizations through the implementation of cloud-native and enterprise DevSecOps transformations. Our team of dedicated experts is driven by a passion for harnessing cutting-edge technologies to deliver unparalleled value to our clients. We specialize in crafting innovative technical solutions grounded in cloud-native principles, containerization, and the implementation of advanced automation-driven DevSecOps practices.
At the heart of our ethos lies a relentless pursuit of progress and the establishment of new industry benchmarks. Our unwavering commitment to excellence sets us apart and makes us the preferred choice for our clients. We recognize that delivering exceptional technical solutions necessitates the expertise of renowned professionals.
If you share our zeal for constructing cloud-native systems, developing cloud-based applications, and designing automation solutions, and if you are seeking to join a company that stands as a dominant force in the realms of Enterprise DevSecOps and Cloud Native domains, then you've discovered the ideal destination.
We cultivate a vibrant, inclusive, and collaborative environment that champions innovation and continuous learning. As a member of our team, you will have the opportunity to engage in exciting projects, tackle intricate challenges, and make a substantial contribution to the advancement of digital transformation for our clients. Come and be a part of a team that thrives on pushing the boundaries of what technology can achieve.
Job Description
As a Container Hardening Engineer, you will be part of our DOD DevSecOps practice, focusing on securing containerized environments by implementing hardened, secure container images and ensuring compliance with DOD security standards. Your expertise will help enhance the security posture of Kubernetes workloads and containerized applications across classified and unclassified environments.
This role requires deep technical knowledge of Linux, container security, and software supply chain security, with an emphasis on maintaining and securing open-source packages (Debian, Go, Python, etc.). You will work closely with security, platform, and development teams to build and maintain secure, scalable, and automated solutions.
Key Responsibilities:
- Develop and maintain hardened container images that comply with DOD security baselines, reducing vulnerabilities and attack surfaces.
- Contribute to and maintain security-focused open-source projects, particularly in container security and Kubernetes ecosystems.
- Maintain and secure open-source packages (Debian, Go, Python, or similar) with a focus on security hardening and vulnerability remediation.
- Implement and enforce software supply chain security best practices, including SBOM (Software Bill of Materials) validation, sigstore, and SLSA frameworks.
- Enhance Kubernetes security through policy enforcement, runtime protection, and compliance automation.
- Integrate container security tools such as Twistlock, Aqua, Clair, Trivy, Kube-bench, OpenSCAP, and Falco into DevSecOps pipelines.
- Design and implement security solutions for air-gapped/disconnected environments within classified or highly regulated spaces.
- Develop automated security scanning and compliance reporting for containerized workloads.
- Work with developers, platform engineers, and security teams to embed security best practices into the software development lifecycle.
- Stay ahead of emerging threats by monitoring security advisories and contributing to security-focused open-source communities.
Qualifications
- DOD Secret clearance eligibility required.
- 5 years of experience in Linux system administration, container security, or DevSecOps.
- Strong expertise in container security, including image hardening, vulnerability scanning, and runtime protection.
- Demonstrated experience maintaining Debian, Go, or Python packages, with a focus on security hardening and open-source contributions.
- Deep understanding of Kubernetes security best practices, including RBAC, network policies, and admission controllers.
- Hands-on experience with software supply chain security, including SBOM validation, sigstore, and SLSA frameworks.
- Experience deploying and securing Kubernetes in air-gapped/disconnected environments.
- Proficiency in CI/CD security automation using tools like GitLab CI, Jenkins, or ArgoCD.
- Familiarity with compliance frameworks such as NIST 800-190, STIGs, and CIS benchmarks.
- Ability to communicate complex security concepts effectively to both technical and non-technical stakeholders.
Additional Information
We Value:
- Drive: Passion and energy to implement quality technical solutions. Self-motivation and intellectual curiosity.
- Commitment to Quality: Passion to conceive and produce world-class solutions that drive real-world value for the customer.
- Customer Focus: Consultative approach to solving problems for customers. Expectations management.
- Communication: Superior communication skills. Ability to clearly articulate problems, solutions, risks, rewards, etc. (written and verbal).
- Technical Skills: Love for technology. You have to be inherently passionate about technology.
- Business Acumen: Technology ultimately is used to enable the business. We look for people who understand how businesses can be enabled through their technical solutions.
What we offer:
- Ability to make a noticeable difference for the organization and our customers
- Tremendous growth opportunity by becoming part of a rapidly growing organization. It’s not your tenure but what you can bring to the table that defines how your career will be shaped. You control your growth.
- Complex but interesting challenges to improve the depth and breadth of your technical and business skills. Our consultants are business technologists and understand how technology drives business.
- Competitive pay and benefits
Oteemo is an equal employment and affirmative action employer. We evaluate qualified applicants on merit and business needs and not on race, color, religion, creed, gender, sexual orientation, national origin, ancestry, age, disability, genetic information, marital status, veteran status or any other factor protected by law. Oteemo complies with the law regarding reasonable accommodations for handicapped and disabled employees.