Open Source Software Engineer - Container Security

Oteemo, Inc

San Antonio, TX
Full Time
Paid
  • Responsibilities

    Job Description

    As a Container Hardening Engineer, you will be part of our DOD DevSecOps practice, focusing on securing containerized environments by implementing hardened, secure container images and ensuring compliance with DOD security standards. Your expertise will help enhance the security posture of Kubernetes workloads and containerized applications across classified and unclassified environments.
    This role requires deep technical knowledge of Linux, container security, and software supply chain security, with an emphasis on maintaining and securing open-source packages (Debian, Go, Python, etc.). You will work closely with security, platform, and development teams to build and maintain secure, scalable, and automated solutions.

    Key Responsibilities:

    • Develop and maintain hardened container images that comply with DOD security baselines, reducing vulnerabilities and attack surfaces.
    • Contribute to and maintain security-focused open-source projects, particularly in container security and Kubernetes ecosystems.
    • Maintain and secure open-source packages (Debian, Go, Python, or similar) with a focus on security hardening and vulnerability remediation.
    • Implement and enforce software supply chain security best practices, including SBOM (Software Bill of Materials) validation, sigstore, and SLSA frameworks.
    • Enhance Kubernetes security through policy enforcement, runtime protection, and compliance automation.
    • Integrate container security tools such as Twistlock, Aqua, Clair, Trivy, Kube-bench, OpenSCAP, and Falco into DevSecOps pipelines.
    • Design and implement security solutions for air-gapped/disconnected environments within classified or highly regulated spaces.
    • Develop automated security scanning and compliance reporting for containerized workloads.
    • Work with developers, platform engineers, and security teams to embed security best practices into the software development lifecycle.
    • Stay ahead of emerging threats by monitoring security advisories and contributing to security-focused open-source communities.
  • Qualifications

    • DOD Secret clearance eligibility required.
    • 5+ years of experience in Linux system administration, container security, or DevSecOps.
    • Strong expertise in container security, including image hardening, vulnerability scanning, and runtime protection.
    • Demonstrated experience maintaining Debian, Go, or Python packages, with a focus on security hardening and open-source contributions.
    • Deep understanding of Kubernetes security best practices, including RBAC, network policies, and admission controllers.
    • Hands-on experience with software supply chain security, including SBOM validation, sigstore, and SLSA frameworks.
    • Experience deploying and securing Kubernetes in air-gapped/disconnected environments.
    • Proficiency in CI/CD security automation using tools like GitLab CI, Jenkins, or ArgoCD.
    • Familiarity with compliance frameworks such as NIST 800-190, STIGs, and CIS benchmarks.
    • Ability to communicate complex security concepts effectively to both technical and non-technical stakeholders.

    Additional Information

    We Value:

    • Drive: Passion and energy to implement quality technical solutions. Self-motivation and intellectual curiosity.
    • Commitment to Quality: Passion to conceive and produce world-class solutions that drive real-world value for the customer.
    • Customer Focus: Consultative approach to solving problems for customers. Expectations management.
    • Communication: Superior communication skills. Ability to clearly articulate problems, solutions, risks, rewards, etc. (written and verbal).
    • Technical Skills: Love for technology. You have to be inherently passionate about technology.
    • Business Acumen: Technology ultimately is used to enable the business. We look for people who understand how businesses can be enabled through their technical solutions.

    What we offer:

    • Ability to make a noticeable difference for the organization and our customers
    • Tremendous growth opportunity by becoming part of a rapidly growing organization. It’s not your tenure but what you can bring to the table that defines how your career will be shaped. You control your growth.
    • Complex but interesting challenges to improve the depth and breadth of your technical and business skills. Our consultants are business technologists and understand how technology drives business.
    • Competitive pay and benefits

    Oteemo is an equal employment and affirmative action employer. We evaluate qualified applicants on merit and business needs and not on race, color, religion, creed, gender, sexual orientation, national origin, ancestry, age, disability, genetic information, marital status, veteran status or any other factor protected by law. Oteemo complies with the law regarding reasonable accommodations for handicapped and disabled employees.