
Staff Kubernetes Security Engineer

Trueanomalyinc · Denver, CO
Full-time · On-site · 4w ago
AWS · Azure · Cloud Security · IAM · Istio · Kubernetes


Responsibilities

  • Architect and build security platforms, frameworks, and foundational services used by platform and development teams, making secure patterns the default choice for Kubernetes deployments
  • Drive adoption of security best practices and influence technical direction for Kubernetes security, workload isolation, and container deployment
  • Own the security architecture and posture of our Kubernetes infrastructure across Azure and AWS environments
  • Design and implement secure-by-default infrastructure including pod security policies, network policies, RBAC, admission controllers, and runtime security
  • Build and ship production-grade automation, tooling, CLI utilities, and operators to enforce security best practices and detect threats across our Kubernetes clusters
  • Develop secure Custom Resource Definitions (CRDs), controllers, and Kubernetes operators for security automation and policy enforcement
  • Lead security architecture decisions for workload isolation, secrets management, service mesh security, and supply chain security
  • Design, implement, and operate PKI infrastructure for Kubernetes, including private CA hierarchies, automated certificate lifecycle management (cert-manager), service mesh mTLS certificate rotation, and certificate issuance for workloads and control plane components
  • Secure the Kubernetes control plane including API server, etcd, and CNI plugin configurations
  • Design and implement admission webhooks (validating and mutating) for security policy enforcement
  • Identify and drive resolution of complex security challenges in multi-tenant and multi-cluster environments
  • Partner with Platform and development teams to embed security into GitOps workflows and the development lifecycle
  • Stay ahead of emerging container security threats and proactively harden our defenses
  • Develop security testing frameworks and validation tools to continuously verify security controls
  • Leverage AI tools to accelerate development, close knowledge gaps, and push the boundaries of what's possible

Requirements

  • Active security clearance or ability to obtain and maintain security clearance.
  • Deep expertise securing production Kubernetes environments at scale, with comprehensive understanding of the container attack surface
  • Extensive experience building Kubernetes operators, CRDs, and controllers; you understand the Kubernetes API and extension mechanisms deeply
  • Deep PKI knowledge with hands-on experience designing and operating certificate infrastructure, including private CA hierarchies, cert-manager deployment and operation, automated certificate rotation for service meshes (Istio/Linkerd), certificate lifecycle management, and X.509/TLS troubleshooting
  • You've built and maintained PKI infrastructure in production, not just consumed managed certificate services
  • Strong soft

Benefits

Paid time off

Additional Information

Space is a warfighting domain. True Anomaly seeks those with the talent and ambition to build the technology that secures it.

OUR MISSION

True Anomaly delivers decisive capabilities for space superiority. We build autonomous spacecraft, advanced payloads, mission software, and space-based interceptors - enabling the U.S. and its Allies to secure the space environment and counter threats from the ultimate high ground.

OUR VALUES

  • Be the offset. We create asymmetric advantages with creativity and ingenuity.
  • What would it take? We challenge assumptions to deliver ambitious results.
  • It's the people. Our team is our competitive advantage and we are better together.

YOUR MISSION

Kubernetes security at the scale and complexity of space operations is genuinely hard - and a lot of it is still unsolved. This role exists to change that. As our Staff Kubernetes Security Engineer, you'll build zero-trust foundations and secure paved paths that enable our platform and development teams to ship safely on Kubernetes. You'll own the security posture of our container orchestration platform across multi-cloud environments, architecting security platforms that define how we operate containers in production. Working as part of the Platform Security team, you'll have broad impact across all teams deploying containerized workloads.

This is a hands-on technical leadership role where you'll write production code daily while driving strategic security initiatives. You'll thrive on ambiguously hard problems, give yourself the toughest challenges, and have the technical maturity to drive complex security initiatives from conception to production with minimal direction. You'll be working in an AI-native environment where leveraging AI to accelerate your impact is expected.

This position requires the ability to obtain and maintain a security clearance.

