Container Security Engineer

This role is focused specifically on owning and maturing container security across AWS environments (ECS, EKS, and Serverless) with a strong hands-on approach, while also supporting container security across other cloud platforms (Azure AKS and GCP GKE) where applicable. You will drive end-to-end container security—from image scanning and base image hardening to runtime visibility, risk prioritization, and remediation using platforms like Wiz.

The expectation is to build and enforce scalable security controls, improve coverage and monitoring, and partner closely with engineering teams to ensure secure-by-default container deployments without impacting delivery. You will also focus on automation and AI-driven capabilities to enhance detection, reduce manual effort, and enable faster risk remediation. Additionally, the role is accountable for driving container security posture visibility through metrics, documentation, and developer guidance on secure image and deployment practices.

• Lead hands-on container security efforts across AWS environments (ECS, EKS, and Serverless), including image scanning, runtime visibility, and risk remediation.
• Utilize Wiz to assess and remediate container, cloud configuration, and workload risks across build and runtime environments with risk-based prioritization.
• Drive implementation and maturity of container security controls, including coverage, enforcement, and operational monitoring.
• Assess vulnerabilities across container images, dependencies, and deployment pipelines, and drive remediation with engineering teams.
• Develop and implement strategies to secure cloud-native workloads with a focus on containers and serverless architectures across AWS, extending consistent security controls to other cloud platforms (Azure, GCP) where applicable.
• Partner with platform and engineering teams to ensure secure configurations, hardened base images, and consistent runtime protection.
• Identify and execute automation opportunities to improve container security processes and reduce manual effort.
• Leverage AI/ML-driven capabilities to enhance container and cloud threat detection, enable risk-based prioritization, and support automated remediation across build and runtime environments.
• Gather and report metrics to provide visibility into container security posture and program maturity.
• Provide guidance and training on secure container development, image hygiene, and deployment best practices.
• Maintain documentation for container security processes, tools, and standards.

• Undergraduate degree in a related field or equivalent experience.
• Strong hands-on experience securing containerized environments in AWS (ECS/EKS) and serverless workloads, with working knowledge of container platforms in other cloud providers (Azure AKS, GCP GKE).
• Experience with Wiz for container, cloud, and configuration risk visibility and remediation.
• Strong understanding of container lifecycle, image management, and runtime security concepts.
• Experience with CI/CD pipelines, cloud-native architectures, and deployment processes.
• Experience with application security tools (SAST, SCA, IAST, DAST) is a plus.
• Familiarity with industry frameworks such as NIST, OWASP, and MITRE.
• Relevant certifications in cloud, containers, or Dev Sec Ops  are a plus.