Security architect jobs in Orchards, WA

Who You'll Work With As a modern technology company, our Slalom Technologists are disrupting the market and bringing to life the art of the possible for our clients. We have passion for building strategies, solutions, and creative products to help our clients solve their most complex and interesting business problems. We surround our technologists with interesting challenges, innovative minds, and emerging technologies As a Consultant or Senior Consultant, you will collaborate with cross-functional teams, including IT, security, and business units, to design and implement Google Cloud-based application innovation solutions. You will work alongside experienced cloud architects, data scientists, and other specialists, ensuring the successful delivery of scalable, cloud-native applications and AI-powered solutions. What You'll Do * Stay current with security trends, technologies, and best practices around Google Cloud solutions, leveraging tools like Cloud IAM, Cloud Security Command Center, BeyondCorp, and Cloud Armor. * Define and guide transformational security strategies for Google Cloud environments, ensuring alignment with Google's Zero Trust and BeyondCorp principles. * Translate complex regulatory requirements (e.g., GDPR, SOC 2, HIPAA) and technology standards into actionable functional and technical requirements for cloud and hybrid environments, ensuring security and compliance. * Lead teams through various phases of gap analyses, including security assessments, remediation planning, roadmap development, and implementation of remediation actions using Google Cloud-native tools. * Deliver on the vision, architecture, execution, and quality assurance of security projects on Google Cloud, driving initiatives that secure enterprise workloads and data. * Guide stakeholders and senior leaders on aligning security solutions with broader business goals, ensuring the architecture follows Google Cloud's security best practices and roadmap. * Establish security architecture patterns based on Google Cloud security frameworks and industry standards to meet the unique needs of enterprise clients. * Collaborate with other Google Cloud architects and security teams to continuously improve security knowledge assets and best practices, ensuring the most effective security solutions for clients. * Design and architect solutions to secure Generative AI models and applications against adversarial attacks, prompt injection, and their potential misuse for malicious cyber activities. What You'll Bring * Proven experience with Google Cloud security architecture, with hands-on experience in tools like Cloud IAM, VPC Service Controls, Cloud DLP, and Cloud Armor. * Strong background in defining and implementing Zero Trust and BeyondCorp security models within Google Cloud environments. * Familiarity or direct experience with Identity and Access Management (IAM), Data Protection, Vulnerability Management, and Cloud Security solutions in Google Cloud. * Extensive experience with security design patterns specific to Google Cloud, as well as hybrid and multi-cloud security architecture. * Experience in security and risk advisory consulting, particularly related to cloud security transformations. * Ability to lead the development and implementation of cloud security roadmaps aligned with business goals and compliance needs. * Familiarity with Google Cloud's Artificial Intelligence (AI) capabilities (e.g., Vertex AI, Generative AI services, Model Armor) including their applications, associated security risks (e.g., prompt injection, data poisoning, privacy concerns), and proven strategies for implementing security controls, governance, and responsible AI practices. * Relevant certifications are strongly desired, including (but not limited to): * GCP Professional Security Engineer * GCP Professional Cloud Architect * CISSP * Security+ About Us Slalom is a fiercely human business and technology consulting company that leads with outcomes to bring more value, in all ways, always. From strategy through delivery, our agile teams across 52 offices in 12 countries collaborate with clients to bring powerful customer experiences, innovative ways of working, and new products and services to life. We are trusted by leaders across the Global 1000, many successful enterprise and mid-market companies, and 500+ public sector organizations to improve operations, drive growth, and create value. At Slalom, we believe that together, we can move faster, dream bigger, and build better tomorrows for all. Compensation and Benefits Slalom prides itself on helping team members thrive in their work and life. As a result, Slalom is proud to invest in benefits that include meaningful time off and paid holidays, parental leave, 401(k) with a match, a range of choices for highly subsidized health, dental, & vision coverage, adoption and fertility assistance, and short/long-term disability. We also offer yearly $350 reimbursement account for any well-being-related expenses, as well as discounted home, auto, and pet insurance. Slalom is committed to fair and equitable compensation practices. For this position the base salary pay ranges are listed below. In addition, individuals may be eligible for an annual discretionary bonus. Actual compensation will depend upon an individual's skills, experience, qualifications, location, and other relevant factors. The salary pay range is subject to change and may be modified at any time. East Bay, San Francisco, Silicon Valley: * Consultant: $120,000-$177,000 * Senior Consultant: $140,000-$203,000 San Diego, Los Angeles, Orange County, Seattle, Houston, New Jersey, New York City, Westchester, Boston, Washington DC: * Consultant: $110,000-$162,000 * Senior Consultant: $130,000-$186,000 All other locations: * Consultant: $105,000-$148,000 * Senior Consultant: $115,000-$171,000 EEO and Accommodations Slalom is an equal opportunity employer and is committed to inclusion, diversity, and equity in the workplace. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veterans' status, or any other characteristic protected by federal, state, or local laws. Slalom will also consider qualified applications with criminal histories, consistent with legal requirements. Slalom welcomes and encourages applications from individuals with disabilities. Reasonable accommodations are available for candidates during all aspects of the selection process. Please advise the talent acquisition team if you require accommodations during the interview process. We are accepting applications until 12/31.

If you are a technology visionary with a passion for transforming global tax business with digital technology, consider working with the US Tax Transformation technology team. This is an exciting opportunity to support global execution of Deloitte's tax strategy as we shift from "doing digital" to "being digital" by reimagining how we engage with our clients, deliver our services, operate our business, and create value. Work you'll do As a Deloitte Lead AI Security Engineer, you will be crucial in safeguarding our advanced AI models, data, and infrastructure. You'll work closely with Data Scientists, Data Engineers, and MLOps/DevOps teams. Additional responsibilities include: + Implement defences against AI-specific attacks (adversarial, prompt injection, data leakage) + Conduct AI-focused security assessments, penetration tests, red/purple team exercises + Analyse AI system vulnerabilities, develop mitigation strategies, and create AI risk heat maps + Implement security controls throughout the AI/ML lifecycle (data handling, training with GPU isolation, deployment, monitoring, versioning, provenance). Integrate SAST/DAST for ML artifacts + Manage audit trails and automated compliance checks + Implement AI-specific incident response and develop regulatory disclosure playbooks + Manage AI security monitoring, implement executive dashboards linking security to business KPIs, develop security metrics (Adversarial Risk Score, Model Drift Index) + Implement secure training environments and fine-grained data access controls + Contribute to AI-generated fraud detection in transaction monitoring systems. + Act as an AI security SME, continuously research emerging threats The Team Deloitte Tax LLP's Tax Transformation Office (TTO) is responsible for the design, development, and deployment of innovative, enterprise technology, tools, and standard processes to support the delivery of tax services. The TTO team focuses on enhancing Deloitte Tax LLP's ability to deliver comprehensive, value-added, and efficient tax services to our clients. It is a dynamic team with professionals of varying backgrounds from tax technical, technology development, change management, Six Sigma, and project management. The team consults and executes on a wide range of initiatives involving process and tool development and implementation including training development, engagement management, tool design, and implementation. Qualifications Required: + Bachelor's degree in computer science or other relevant discipline. + Ability to perform job responsibilities within a hybrid work model that requires US Tax professionals to co-locate in person 2 - 3 days per week. + 3+ years' cybersecurity experience (application, cloud and data security) including translating regulatory frameworks (NIST AI RMF, EU AI Act) into technical controls. + Demonstrated proficiency in security scripting, automation, and tool development. + Hands-on experience with the Azure Cloud ecosystem and its security services. + Ability to travel 10%, on average, based on the work you do and the clients and industries/sectors you serve + Limited immigration sponsorship may be available. + One of the following active accreditations obtained, in process, or willing and able to obtain: + Licensed CPA in state of practice/primary office if eligible to sit for the CPA + If not CPA eligible: + Licensed Attorney + Enrolled Agent + Technology Certifications: + AWS Certified Solutions Architect + Certified Information Systems Security Professional (CISSP) + Certified SAFe Agile Software Engineer + Certified SAFe Agilist + Certified SAFe DevOps Practitioner + Certified Secure Software Lifecycle Professional (CSSLP) + Certified Secure Software Lifecycle Professional (CSSLP) - (ISC)2 + ISTQB (International Software Testing Qualifications Board) + ITIL Certification + Microsoft Azure + SEI - Software Engineering Institute Certification Preferred: + Expertise in identifying and mitigating AI/ML security threats, including adversarial attacks, prompt injection, and data leakage. + Solid knowledge of AI/ML security frameworks (NIST AI RMF, OWASP, ISO/IEC 27001) and ability to apply them as technical controls. + Experience applying data privacy regulations (GDPR, DORA, EU AI Act) in enterprise AI environments. + Proficiency with Azure security tools (Sentinel, Monitor, Policy, Purview, Key Vault, Azure ML). + Hands-on skills in securing and monitoring MLOps/LLMOps pipelines, including data versioning, provenance, GPU isolation, and deployment. + Ability to automate compliance, incident detection, and security assessments for AI/ML models, using Azure Monitor, KQL, and related tools. + Experience designing secure training environments and implementing fine-grained data access controls. + Track record of researching and deploying innovative AI security solutions; recognized as a subject matter expert (SME). + Strong communication and collaboration abilities with technical and business teams, translating security risks into actionable business insights. The wage range for this role takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled. At Deloitte, it is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range is $84,980 to $193,440 You may also be eligible to participate in a discretionary annual incentive program, subject to the rules governing the program, whereby an award, if any, depends on various factors, including, without limitation, individual and organizational performance. Information for applicants with a need for accommodation: ************************************************************************************************************ All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.

We are looking for a high energy individual with experience and interest in developing cloud native applications, APIs, and data pipelines. This individual will work with a wide range of technologies, both cutting-edge and legacy, and coordinate with both technical and non-technical business teams. Tenacity, an open and curious mind, and desire to learn and understand is critical for success on this team.

The Microsoft Offensive Research & Security Engineering (MORSE) team is looking for a learn-it-all engineer that will help secure Microsoft products and devices. The MORSE team is responsible for securing Microsoft's operating systems, including Windows, cloud computing platforms, and virtualization technologies. These solutions support the daily needs of over one billion customers worldwide. This team performs security design reviews, code reviews, and vulnerability research on key features of Windows and Azure to make sure they meet the highest possible security standards. In this role, you will help a team of engineers tasked with building automation and tooling to streamline and scale detection of vulnerabilities. The ideal candidate will have hands-on experience with native code (C/C++), building security-focused developer-facing tools, a clear understanding of OS security fundamentals, solid computer science skills, and a passion for keeping Microsoft customers safe. Responsibilities * Equip Microsoft developers with powerful, easy-to-use security tools to catch security issues earlier * Improve existing processes and tools to help us deliver our goal of ubiquitous fuzzing * Collaborate with teams of security experts to understand their requirements and build tools to streamline or automate common tasks * Devise new methods to systematically detect vulnerabilities at scale Qualifications Required * Master's Degree in Statistics, Mathematics, Computer Science, or related field AND 3+ years experience in security or related field OR Bachelor's Degree in Statistics, Mathematics, Computer Science, or related field AND 4+ years experience in security or related field OR equivalent experience. Other Requirements: Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include, but are not limited to the following specialized security screenings: Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud Background Check upon hire/transfer and every two years thereafter. Preferred * Master's Degree in Statistics, Mathematics, Computer Science, or related field AND 6+ years experience in security or related field OR Bachelor's Degree in Statistics, Mathematics, Computer Science, or related field AND 8+ years experience in security or related field OR equivalent experience. * Public track record of relevant security research, especially around vulnerability discovery * Experience exploiting bugs and bypassing security mitigations in Operating Systems * Familiarity with Microsoft Windows architecture * 5+ years of experience in a software engineering or security-related field * 3+ years of software engineering in a systems language such as C, C++, or Rust Penetration Testing IC4 - The typical base pay range for this role across the U.S. is USD $119,800 - $234,700 per year. There is a different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $158,400 - $258,000 per year. Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here: **************************************************** This position will be open for a minimum of 5 days, with applications accepted on an ongoing basis until the position is filled. Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance with religious accommodations and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.

Founded in 2017 Perfecta is a division and a wholly owned subsidiary of City National Security a well known and reputed company providing IT Consulting , Staffing and Security services throughout the United States. Perfecta brings a rich experience of over 12 years in providing fully scaled IT Consulting and Staffing & Recruiting services. Perfecta brings a successful track record of delivering value based quality professional solutions at economical price to its customers across the U.S. Perfecta has successfully executed various IT and Staffing projects with its government and commercial clients and has consistently provided quality services to its customers. Job Description Part I. General Information Under this Statement of Work (SOW), the Contractor shall analyze, recommend, create working documentation, guidelines, policies, standards, instructional procedures, and conduct assessments to support the implementation of the following: • PERS Information Security Awareness and Training Program • PERS Information Security Program • Reorganization and alignment of PERS Information Security policies, standards, and procedures Part II. Work The Contractor shall comply with OPERS contractual deliverable review and approval processes by working with OPERS Quality Assurance in utilizing the Quality Checkpoint process attached to this SOW as Attachment 1. Quality Checkpoint is a Quality Assurance process to verify that major deliverables in the project have been reviewed and approved by their respective stakeholders. PERS Information Security Awareness and Training Program Contractor shall assist OPERS' CISO in the creation, documentation, and implementation of a structured Information Security Awareness and Training Program. Contractor shall work with OPERS to plan, document and implement solutions to fit the needs of OPERS. Tasks to support OPERS' Information Security Awareness and Training Program include, but not limited to: 1. Define activities to be performed to enable and implement the Security Awareness and Training Program 2. Research and document materials needed to implement the program 3. Research and document delivery methods and related activities to implement the program 4. Research, obtain stakeholder buy-in, and document a regularly occurring schedule of activities. 5. Develop content for PERS specific, role based training for data/system owners/custodians. 6. Develop content, produce materials for PERS specific training for staff. 7. Deliver Security, Awareness and Training materials, presentations, etc. to targeted audiences Reorganization of PERS Information Security policy structure In the first phase of policy, standard, procedure creation, emphasis was placed on creating required policy documentation to address HPE findings. In this second phase, the emphasis is to consolidate and reorganize the policy structure, resulting in fewer policies, and more specific requirements, based on security domains: 1. Identify and convert redundant policies to standards as appropriate 2. Align policy structure to NIST CSF domains 3. Address gaps by creating policies, standards, and procedures as identified and needed. Implementation of PERS Information Security Program Initialize and implement operation of Information Security program: 1. Conduct Third Party and Software Development Information Security assessments 2. Initialize policy exception requesting, approval, denial, and risk acceptance process. Part III. Special Considerations Contractor acknowledges and agrees that any and all information regarding OPERS installation, design, configuration, data migration will be kept confidential. Part IV. Travel and Other Expenses OPERS shall not reimburse Contractor for any expenses under this Contract. Work must be completed on-site, Tigard, OR Additional Information All your information will be kept confidential according to EEO guidelines.

**Looking for an opportunity to make an impact?** **At Leidos,** we deliver innovative solutions through the efforts of our diverse and talented people who are dedicated to our customers' success. Everything we do is built on a commitment to do the right thing for our customers, our people, and our community. Our Mission, Vision, and Values guide the way we do business. **Your greatest work is ahead!** We are looking for a **Substation Physical Engineer** to join our team. As an Career Substation Physical Engineer, candidates will have the opportunity to work on projects for electric utilities at voltages from 12kV up to 500kV. This is an exciting and growing field in the power systems industry and allows candidates to get exposure to how the power generation such as that of renewable energy ties into the electric system. Candidates will be expected to use knowledge of digital logic design, AC and DC circuits to design substation electrical projects. ***Hybrid Schedule Available!** Successful candidates can look forward to a fast paced, diverse work environment and flexible work hours/work arrangements as well as managers who will encourage **career development and growth including:** + Engineer in Training Certificate (EIT). + Professional Engineer License (PE). + Project Management Professional (PMP). + Technical & Non-Technical Training Opportunities. + Leadership Opportunities. + Mentorship & Training Opportunities. + Opportunity to Lead, Grow, and Inspire a Dynamic Team **Are you ready to make an impact? Begin your journey of a flourishing and meaningful career, share your resume with us today!** **The Challenge:** + Experience in executing substation physical projects + Excellent communication skills and ability to interact with the internal team and clients to meet project needs. + Performing quality control checks on substation physical design projects. + Expected to read and design substation physical drawings such as one-line drawings, three-line drawings, plan-section drawings, foundation, grounding drawings. + Create and check bill of materials for substation physical + Expected to attend site visit at customer location Successful candidates must comply with quality control and safe work practices and maintain compliance with project scope, schedule, and budget. This position will be a member of a design team comprised of engineers, designers, and CAD technicians and will work with client standards to implement design. **What Sets You Apart:** + **Mid-Level** : Bachelor's degree in electrical engineering, or related degree with two (2+) or more years of related substation physical design experience. + **Senior-Level** : Bachelor's degree in electrical engineering, or related degree with four (4+) or more years of related substation physical design experience. + **Lead -Level:** Bachelor's degree in electrical engineering, or related degree with eight (8+) or more years of related substation physical design experience. + Experience with grounding studies/lightning protection and lighting studies. + Demonstrate Excellent communication skills and ability to interact with the internal team and clients to meet project needs. + Ability to meet deadlines under pressure situations. + Collaborator and leader who can work effectively in team environment. + Self-starter who works independently with minimal direction. + Strong analytical skills and proven problem solver in both team and independent environments. + High level of computer competency. + Willingness to travel to project / client sites and Portland, OR office as needed. **You Might Also have:** + US Citizen and able to pass a DOE Background + Engineer Intern ("EI" or "EIT") professional certification. + Professional Engineer ("PE") License. + Working knowledge of protection and control design + Experience with bus calculation + Experience with WinIGS or CDEGS + Master's degree in related field. **WHAT WE DO** Leidos is a trusted and technology-focused solutions provider. Utilities and mobile operators rely on our Power Delivery Services Team for reliable power and telecommunication expertise, as reflected through our work with more than 50 investor-owned utilities, more than 160municipals/cooperatives,as well as a growing number of mobile operators, local utility providers and private developers. In addition to providing engineering and project management services, Leidos works with an established group of industry-leading construction partners delivering meaningful Energy Delivery Solutions. Our recognition as an industry leader is confirmed by the latest national rankings by Engineering News-Record (ENR) ranking Leidos within the Top 10 T&D Firms, and Top 10 Power Firms. To explore and learn more, click here (***************************************************** ! **At Leidos,** we deliver innovative solutions through the efforts of our diverse and talented people who are dedicated to our customers' success. We empower our teams, contribute to our communities, and operate sustainably. Everything we do is built on a commitment to do the right thing for our customers, our people, and our community. Our Mission, Vision, and Values guide the way we do business. **We take care of our employees.** Leidos seeks the best and the brightest, and in return, we invest in you, with an eye on your future, through career advancement, growth opportunities and continuous improvement via mentoring, formal and informal project management training and assistance with obtaining pertinent certifications. We challenge you to help solve some of the world's toughest problems, and reward you (************************************ with a welcoming culture that recognizes the importance of a strong work/life balance, as well as competitive compensation and benefits (******************************************** . We believe that diversity and inclusion make us all better and offer the chance to have fun and make a difference. PowerDelivery PDSSUBSTATION If you're looking for comfort, keep scrolling. At Leidos, we outthink, outbuild, and outpace the status quo - because the mission demands it. We're not hiring followers. We're recruiting the ones who disrupt, provoke, and refuse to fail. Step 10 is ancient history. We're already at step 30 - and moving faster than anyone else dares. **Original Posting:** September 22, 2025 For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above. **Pay Range:** Pay Range $87,100.00 - $157,450.00 The Leidos pay range for this job level is a general guideline onlyand not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law. **About Leidos** Leidos is an industry and technology leader serving government and commercial customers with smarter, more efficient digital and mission innovations. Headquartered in Reston, Virginia, with 47,000 global employees, Leidos reported annual revenues of approximately $16.7 billion for the fiscal year ended January 3, 2025. For more information, visit ************** . **Pay and Benefits** Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available at **************/careers/pay-benefits . **Securing Your Data** Beware of fake employment opportunities using Leidos' name. Leidos will never ask you to provide payment-related information during any part of the employment application process (i.e., ask you for money), nor will Leidos ever advance money as part of the hiring process (i.e., send you a check or money order before doing any work). Further, Leidos will only communicate with you through emails that are generated by the Leidos.com automated system - never from free commercial services (e.g., Gmail, Yahoo, Hotmail) or via WhatsApp, Telegram, etc. If you received an email purporting to be from Leidos that asks for payment-related information or any other personal information (e.g., about you or your previous employer), and you are concerned about its legitimacy, please make us aware immediately by emailing us at ***************************** . If you believe you are the victim of a scam, contact your local law enforcement and report the incident to the U.S. Federal Trade Commission (******************************* . **Commitment to Non-Discrimination** All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws. REQNUMBER: R-00167217 All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status. Leidos will consider qualified applicants with criminal histories for employment in accordance with relevant Laws. Leidos is an equal opportunity employer/disability/vet.

**About the job you're considering** Are you passionate about securing the future of cloud-native infrastructure in mission-critical environments? Join our team in Portland, OR, as a Kubernetes Security Engineer supporting the aerospace industry, where security, reliability, and precision are paramount. In this onsite role, you'll focus on hardening and isolating Kubernetes clusters to minimize blast radius in the event of compromise. This includes enforcing Linux security modules like SELinux and AppArmor, leveraging Trusted Platform Module (TPM) for secure boot and attestation, implementing least privilege across nodes and workloads, and ensuring multi-tenant isolation within hybrid Kubernetes environments-spanning x86, ARM, and accelerator-based architectures. You'll work hands-on with cutting-edge technologies and collaborate with cross-functional teams to build resilient, secure infrastructure that supports aerospace innovation. **Your role** + Architect and deploy security-first Kubernetes cluster configurations across diverse hardware platforms, including x86, ARM, and accelerators. + Enforce Linux security modules (SELinux, AppArmor) and sandboxing techniques (seccomp, gVisor, Kata) to protect workloads and system services. + Integrate TPM for secure boot and attestation, ensuring hardware and OS integrity, and support cryptographic operations with HSM/KMS systems. + Design multi-tenant isolation strategies using namespaces, node pools, and hardware partitioning to prevent lateral movement and reduce blast radius. + Apply least-privilege policies using RBAC, PodSecurityStandards, NetworkPolicies, and resource constraints to secure workload execution and mitigate denial-of-service risks. + Harden Kubernetes components (API server, etcd, kubelet) using CIS and NSA benchmarks, and implement kernel-level protections like seccomp-bpf and IMA/EVM. + Secure workload secrets using TPM-backed storage and tools like SealedSecrets, HashiCorp Vault, or SOPS for safe distribution and access control. + Strengthen supply chain security through image signing (cosign, Notary), SBOM scanning, and CI/CD vulnerability management. + Monitor runtime behavior with tools like Falco and Cilium Tetragon, and collaborate with SRE and Security teams to develop incident response runbooks and conduct breach simulation drills. **Your skills and experience** + Bachelor's degree in Computer Science, Engineering, or a related technical field, with 8-10 years of experience in infrastructure, security, or systems engineering. + Deep expertise in Kubernetes internals, including cluster hardening, multi-tenant isolation, and security architecture. + Advanced proficiency in Linux security features such as SELinux, AppArmor, seccomp, and kernel-level protections. + Hands-on experience with TPM for secure boot, attestation, and integration with HSM/KMS for cryptographic operations and secrets management. + Strong understanding of Pod Security frameworks (PodSecurityStandards, OPA, Gatekeeper, Kyverno) and implementation of RBAC, NetworkPolicies, and workload isolation at scale. + Familiarity with container runtimes (containerd, CRI-O, gVisor, Kata) and their security implications in hybrid environments. + Experience with runtime and supply chain security tools and frameworks, including Falco, Cilium Tetragon, cosign, Notary, SLSA, and NIST 800-190. + Knowledge of confidential computing (TEE, SGX, SEV), air-gapped deployments, and hardened Linux distributions like Flatcar and Bottlerocket. **Life at Capgemini** **Capgemini supports all aspects of your well-being throughout the changing stages of your life and career. For eligible employees, we offer:** + Flexible work + Healthcare including dental, vision, mental health, and well-being programs + Financial well-being programs such as 401(k) and Employee Share Ownership Plan + Paid time off and paid holidays + Paid parental leave + Family building benefits like adoption assistance, surrogacy, and cryopreservation + Social well-being benefits like subsidized back-up child/elder care and tutoring + Mentoring, coaching and learning programs + Employee Resource Group + Disaster Relief **About Capgemini Engineering** World leader in engineering and R&D services, Capgemini Engineering combines its broad industry knowledge and cutting-edge technologies in digital and software to support the convergence of the physical and digital worlds. Coupled with the capabilities of the rest of the Group, it helps clients to accelerate their journey towards Intelligent Industry. Capgemini Engineering has 65,000 engineer and scientist team members in over 30 countries across sectors including Aeronautics, Space, Defense, Naval, Automotive, Rail, Infrastructure & Transportation, Energy, Utilities & Chemicals, Life Sciences, Communications, Semiconductor & Electronics, Industrial & Consumer, Software & Internet. Capgemini Engineering is an integral part of the Capgemini Group, a global business and technology transformation partner, helping organizations to accelerate their dual transition to a digital and sustainable world, while creating tangible impact for enterprises and society. It is a responsible and diverse group of 340,000 team members in more than 50 countries. With its strong over 55-year heritage, Capgemini is trusted by its clients to unlock the value of technology to address the entire breadth of their business needs. It delivers end-to-end services and solutions leveraging strengths from strategy and design to engineering, all fueled by its market leading capabilities in AI, generative AI, cloud and data, combined with its deep industry expertise and partner ecosystem. The Group reported 2024 global revenues of 22.1 billion. **Get the future you want |** ********************* **Disclaimer** Capgemini is an Equal Opportunity Employer encouraging inclusion in the workplace. All qualified applicants will receive consideration for employment without regard to race, national origin, gender identity/expression, age, religion, disability, sexual orientation, genetics, veteran status, marital status or any other characteristic protected by law. This is a general description of the Duties, Responsibilities and Qualifications required for this position. Physical, mental, sensory or environmental demands may be referenced in an attempt to communicate the manner in which this position traditionally is performed. Whenever necessary to provide individuals with disabilities an equal employment opportunity, Capgemini will consider reasonable accommodations that might involve varying job requirements and/or changing the way this job is performed, provided that such accommodations do not pose an undue hardship. Capgemini is committed to providing reasonable accommodations during our recruitment process. If you need assistance or accommodation, please reach out to your recruiting contact.Please be aware that Capgemini may capture your image (video or screenshot) during the interview process and that image may be used for verification, including during the hiring and onboarding process.Click the following link for more information on your rights as an Applicant ************************************************************************** Applicants for employment in the US must have valid work authorization that does not now and/or will not in the future require sponsorship of a visa for employment authorization in the US by Capgemini. **Job:** _Developer_ **Organization:** _ERD PPL US_ **Title:** _Sr. Kubernetes Security Engineer_ **Location:** _OR-Portland_ **Requisition ID:** _081871_

At PLEXSYS, our teams design, build and deliver Live, Virtual, and Constructive (LVC) innovation and training solutions to customers around the world. With over 200 employees in seventeen states and four foreign countries, we contribute our success to enabling better training…everyday…across the globe. As an employee of PLEXSYS, you'll find a culture that empowers you to achieve your professional objectives, give your personal best, and work with other highly passionate individuals. Our core values of integrity, excellence, teamwork and agility drive our daily decisions, identify our focus areas, and inspire our organizational culture. GENERAL DESCRIPTION The Information System Security Officer (ISSO) is responsible for ensuring the appropriate operational security posture for information systems and as such, works in close collaboration with the ISSM, CPSO, and FSO. The ISSO must have detailed knowledge and expertise required to manage the security aspects of an information system and is assigned the day-to-day responsibility for assigned systems. Responsibilities include implementation of the requirements of Risk Management Framework, including the Joint Special Access Program (SAP) Implementation Guide (JSIG), NIST 800-53, or other security requirements as assigned. This position will report to the Corporate Information Assurance Manager and work in close collaboration with the AFSO and FSO. The ISSO is responsible for developing and updating the security authorization package, managing and controlling changes to the system, and assessing the security impact of those changes. Ensure systems are operated, maintained, and disposed of following security policies and procedures as outlined in the security authorization package. Report all security-related incidents to the ISSM. Conduct periodic reviews of information systems to ensure compliance with the security authorization package. Monitor system recovery processes to ensure security features and procedures are properly restored and functioning correctly. Ensure audit records are collected, reviewed, and documented. Duties also include physical and environmental protection, personnel security, and incident handling. DUTIES & RESPONSIBILITIES Lead the information system security program for their assigned location to include implementation and validation of automated informational security, ensuring security requirements as contracted are satisfied Maintain and establish the accreditation of classified information systems Establish and implement security procedures and practices in support of Corporate goals and current DoD Regulations Ensure all security procedures are being followed such as patching, AV updates, continuous monitoring, trainings, and self-inspections Develop, implement and maintain security emergency action plans Provide security education and training to local employees Maintain administrative security records and documents for local employees Conduct self-inspections to ensure current security measures and policies are effective Conduct random security inspections to ensure regulations and procedures are being adhered to by local employees Conduct system audits in accordance with security accreditation package requirement Lead the information system security program for their assigned location to include implementation and validation of automated informational security, ensuring security requirements as contracted are satisfied Maintain and establish the accreditation of classified information systems Establish and implement security procedures and practices in support of Corporate goals and current DoD Regulations Ensure all security procedures are being followed such as patching, AV updates, continuous monitoring, trainings, and self-inspections Develop, implement and maintain security emergency action plans Provide security education and training to local employees Maintain administrative security records and documents for local employees Conduct self-inspections to ensure current security measures and policies are effective Conduct random security inspections to ensure regulations and procedures are being adhered to by local employees Conduct system audits in accordance with security accreditation package requirements Conduct vulnerability scans and analysis Conduct maintenance on the networks, systems, and hardware Perform software upgrades on networks, systems, and hardware Perform security assignments in accordance with the Automated Information System requirements and local regulations Understand and follow NISPOM/ODAA/RMF/JAFAN/ICD/NIST/JSIG classified system accreditation and certification requirements Other duties as assigned REQUIREMENTS Bachelor's degree in related field or 4 years' experience in related field DoD 8570 compliant, IAT Level II Experience with Windows based administration of Information Systems Ability to work within compliance standards; previous experience with RMF, HIPAA , PCI DSS, or equivalent compliance standard preferred Strong experience in networking, active directory, centralized logging solutions, vulnerability scanning and anti-virus solutions Experience with security audits for information systems Strong communication and problem-solving skills Ability to work in both a team environment as well as independently Must be organized and detail oriented Ability to obtain and maintain Top Secret clearance with the ability to obtain approval for SAP/SCI access DESIRABLE Have previous experience with DoD Security Regulations and Policies PERKS As a PLEXSYS employee, you can expect certain advantages; such as advancement based on performance, competitive wages, valuable benefits and a great working environment. Our team is committed to ensuring an environment that empowers individuals to realize their full potential by providing opportunities and necessary support to achieve personal and professional goals. Medical/Vision/Prescription/Dental Benefits Life, AD&D and Long Term Disability Coverage Paid Holidays, Military Leave, and Paid Time Off 401k Plan with eligibility from first day of employment Education reimbursement for job-related courses for full-time employees PriceClub/COSTCO/Sam's Club annual membership

At Pacific Seafood, we do more than just provide the world with the healthiest proteins on the planet. We are a family-owned, excellence-driven organization committed to being the brand of choice in the marketplace and the employer of choice in the community. We believe in servant leadership, investing in our team members' personal and professional growth, and rewarding performance. We live by the core values of our Diamond Philosophy: Teamwork, Productivity, Quality, and Excellence-which means consistently doing your best and always striving to do better. Summary: The Senior Security Engineer at Pacific Seafood is a key role in our information technology team supporting efforts to strengthen, enhance, and protect the security posture of our enterprise environment. This position involves leading security initiatives, monitoring and improving security controls, driving incident response and partnering across IT and business teams and is ideal for someone who is proactive, highly analytical, calm under pressure and passionate about building a security by design culture. Key Responsibilities: 1. Security Engineering & Architecture: * Establish, maintain and implement enterprise security best practices, policies and hardening standards * Participate in architectural reviews and provide security requirements for new systems, applications, cloud resources and infrastructure * Integrate new security technologies into existing environments and ensure secure configuration of all systems 2. Threat Detection & Vulnerability Management: * Leverage and centralize all logging platforms * Conduct proactive threat hunting, log analysis and behavioral detection reviews * Perform vulnerability scanning, prioritization, and remediation planning with cross functional teams 3. Incident Response & Security Operations: * Oversee the incident response lifecycle including detection, containment, eradication and recovery * Develop incident response playbooks and runbooks, and post-incident review documentation * Support endpoint detection and response, antivirus tools, server/endpoint security controls 4. Network, Analysis & Security: * New Network Device Detection and Threat Determination * Device Anomalous Communication Detection and Remediation * Network segmentation strategy * Firewall Device and User Policy Determination * Other duties as assigned Additional responsibilities may be assigned as deemed necessary to support the overall goals and objectives of the position. What you bring to Pacific Seafood: Required: * Bachelor's degree in Computer Science or equivalent professional experience * Minimum of five years of related experience in information security or infrastructure security * Strong experience with Active Directory, Azure Entra ID, MFA, and identity lifecycle management * Hands-on experience with endpoint and server security tools including EDR, anti-virus, and configuration baselines * Working knowledge of firewalls, enterprise networking, and network security policies * Experience with centralized logging solutions, SIEM tools, and vulnerability scanners * Ability to analyze technical and non-technical controls, identify gaps, and propose remediations * Experience conducting internal security audits, investigations, and compliance reviews * Strong communication, documentation, and problem-solving skills * Ability to travel as necessary; valid driver's license Preferred: * Experience leading enterprise-wide security projects or architectural reviews * Palo Alto Security toolset experience (Strata, IoT, PanOS, Cortex XDR) * Experience with Microsoft Exchange, Microsoft Purview, and email security tools * Experience with privileged access management (PAM) systems * Threat hunting and SIEM rule development experience (Sentinel, LogRhythm, etc.) * Security certifications such as CISSP, GSEC, CEH, or equivalent Total compensation: At Pacific Seafood your base wage is only a portion of your overall compensation package. We invest in our Team Members through a comprehensive and attractive total rewards package, including but not limited to: * Health insurance benefits options, including medical, prescription, vision, dental, basic group life and short term disability. * Flexible spending accounts for health flex and dependent care expenses * 401(k) Retirement Plan options with generous annual company profit sharing match * Paid time off for all regular FT team members, to include sick days, paid holidays, vacation and personal time * Employee Assistance Program- Confidential professional counseling, financial, and legal assistance provided at no charge to Team Members and immediate family members * Product purchase program

We are looking for an AI Security Engineer to design, implement, and secure our next generation of AI solutions. You will combine hands-on engineering with security and governance expertise to ensure safe and compliant AI adoption. You will build and maintain AI guardrails, enforce Agent RBAC and permissions tied to firm roles, and integrate Data Loss Prevention (DLP) pipelines to protect sensitive information from leaking into LLM endpoints. Partnering with cloud, security, and governance teams, you will evaluate AI architectures for bias, drift, and risk, while aligning them with frameworks like NIST AI RMF, EU AI Act, and ISO/IEC 42001. You are equally comfortable developing AI security controls in Python/YAML as they are advising on compliance strategy - ensuring Fisher Investments leverages AI responsibly, securely, and at scale. You will report to the Team Lead. We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to ********************.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: **************************************************** Skills and Requirements - 7+ years in IT, Information Security, or AI/ML engineering roles, with experience in: Design, reviewing, and implementing secure AI programs in enterprise environments Apply compliance frameworks (ISO 27001, SOC 2, NIST AI RMF, EU AI Act, ISO/IEC 42001) Build RBAC/ABAC-based permission models for AI agents and personas - 2+ years of hands-on AI/ML administration or engineering, including: Experience with NVIDIA NeMo Guardrails, Azure AI Foundry, or similar platforms Design and deploy DLP solutions or privacy-preserving data pipelines for AI Support AI and security operations in a large enterprise - Proficiency with Terraform, Python, and cloud automation Prior experience in cloud security, data protection, and SIEM/logging for AI traffic - Leadership experience is a nice to have

Rajesh KRG Technologies Inc. 25000 | Avenue Stanford | Suite 253 | Valencia, CA 91355 rajesh.b at krgtech.com / ************ EXT- 514 Job Description : General Cryptography (symmetric algorithms like AES, DES and asymmetric or public crypto like RSA, EC) Experience of open security suites like Openssl, embed TLS, Elgamal or other opensource secure communication packages which export general crypto api's (e.g. Open SSL, Elgamal) Public key and private key concepts Programming in ‘C' Preferred: Basic kernel driver development concepts, linux Userspace Desirable : DRM's, NOCS, Nagra Additional Information All your information will be kept confidential according to EEO guidelines.

Description We are looking for a skilled Data Security Analyst to join our team on a contract basis in Portland, Oregon. This role focuses on managing access control, provisioning, and maintaining security workflows to ensure compliance and operational efficiency. The successful candidate will work closely with stakeholders to refine access matrices and support security operations using tools like SailPoint and Active Directory. Responsibilities: - Oversee access control management by reviewing and refining predefined enablement matrices based on functional roles. - Collaborate with stakeholders to determine and implement access requirements for various positions. - Manage user provisioning and deprovisioning processes, ensuring timely updates when roles change or access is no longer needed. - Utilize tools such as SailPoint, Active Directory, and SAP GRC to execute secure and efficient access management. - Support and maintain workflows in SailPoint, addressing system issues and applying break-fix solutions as needed. - Ensure compliance with change management protocols during system updates and process adjustments. - Partner with application administrators and technical teams to continuously improve security operations. - Conduct quality assurance checks to ensure accurate and reliable access provisioning and deprovisioning. - Address operational security concerns and provide technical support to resolve access-related issues. Requirements - Proven experience in access control management and identity and access management (IAM). - Strong knowledge of SailPoint, Active Directory, and other security-related tools like SAP GRC. - Familiarity with provisioning, deprovisioning, and maintaining user access rights. - Ability to collaborate effectively with stakeholders, technical teams, and functional leads. - Experience in quality assurance and change management processes. - Demonstrated ability to troubleshoot and resolve technical issues in security systems. - Strong organizational and communication skills to manage complex workflows. - Knowledge of SharePoint workflow processes is a plus. Technology Doesn't Change the World, People Do. Robert Half is the world's first and largest specialized talent solutions firm that connects highly qualified job seekers to opportunities at great companies. We offer contract, temporary and permanent placement solutions for finance and accounting, technology, marketing and creative, legal, and administrative and customer support roles. Robert Half works to put you in the best position to succeed. We provide access to top jobs, competitive compensation and benefits, and free online training. Stay on top of every opportunity - whenever you choose - even on the go. Download the Robert Half app (https://www.roberthalf.com/us/en/mobile-app) and get 1-tap apply, notifications of AI-matched jobs, and much more. All applicants applying for U.S. job openings must be legally authorized to work in the United States. Benefits are available to contract/temporary professionals, including medical, vision, dental, and life and disability insurance. Hired contract/temporary professionals are also eligible to enroll in our company 401(k) plan. Visit roberthalf.gobenefits.net for more information. © 2025 Robert Half. An Equal Opportunity Employer. M/F/Disability/Veterans. By clicking "Apply Now," you're agreeing to Robert Half's Terms of Use (https://www.roberthalf.com/us/en/terms) .

The Security Engineer will focus on hardening and isolating K3s clusters to minimize blast radius in the event of compromise. This includes enforcing Linux security modules (SELinux, AppArmor), leveraging TPM for secure boot and attestation, implementing least privilege across nodes and workloads, and ensuring multi-tenant isolation within hybrid Kubernetes environments (x86, ARM, accelerators). Responsibilities Security Architecture & Policy Enforcement Design and implement security-first cluster configurations for K3s nodes. Enforce mandatory access control (MAC) using SELinux and AppArmor profiles for pods and system services. Integrate TPM-based attestation and secure boot for cluster nodes to ensure trust in hardware and OS integrity. Establish node, pod, and namespace isolation strategies to reduce lateral movement risk. Harden cluster components (API server, etcd, kubelet) following CIS and NSA Kubernetes security benchmarks. Blast Radius Reduction Define and enforce workload sandboxing strategies (seccomp, AppArmor, SELinux contexts, gVisor/Kata if applicable). Configure minimal privilege policies (RBAC, PodSecurityStandards, NetworkPolicies) to ensure least-privilege execution. Implement namespace, node pool, and hardware partitioning to confine workloads and protect sensitive applications. Apply resource quotas, limits, and scheduling constraints to contain denial-of-service blast radius. Integration with Identity & Secrets Management Work with Security team to ensure strong identity, authentication, and authorization models. Integrate TPM-backed secrets storage and HSM/KMS systems for cryptographic operations. Ensure secure distribution of workload secrets with solutions like SealedSecrets, HashiCorp Vault, or SOPS. Runtime & Supply Chain Security Enforce image signing and verification with cosign or Notary. Integrate SBOM scanning and vulnerability management into CI/CD pipelines. Monitor workloads for runtime anomalies (Falco, Cilium Tetragon, or equivalent). Apply kernel hardening measures (seccomp-bpf, kernel lockdown, IMA/EVM with TPM). Monitoring & Incident Response Build observability hooks for security events (audit logs, syscall monitoring, TPM attestations). Define blast radius response runbooks for compromised pods or nodes. Work with SRE and Security teams to test chaos/security drills simulating breaches. Deliverables K3s cluster baseline hardened with SELinux and AppArmor profiles. TPM-enabled secure boot and node attestation pipeline. Enforced PodSecurityStandards and workload sandboxing (seccomp, gVisor/Kata optional). Documentation of isolation strategies (namespaces, node pools, network segmentation). Audit-ready evidence of compliance with CIS/NSA Kubernetes security benchmarks. Security runbooks for containment and blast radius reduction. Required Skills & Experience Strong knowledge of K3s/Kubernetes internals, especially security features. Hands-on experience with SELinux, AppArmor, seccomp, and Linux capabilities. Experience with TPM (Trusted Platform Module) for secure boot and attestation. Deep understanding of Pod Security (PodSecurityPolicies/Standards, OPA/Gatekeeper/Kyverno). Experience implementing RBAC, NetworkPolicies, and workload isolation at scale. Proficiency in Linux kernel security mechanisms and debugging. Familiarity with container runtimes (containerd, CRI-O, gVisor, Kata) and their security implications. Strong background in incident response, forensic data collection, and audit logging in Kubernetes. Nice to Have Contributions to Kubernetes SIG-Security or open-source security tooling. Experience with supply chain security frameworks (SLSA, NIST 800-190). Familiarity with confidential computing (TEE/SGX/SEV) for workload isolation. Hands-on with Cilium Tetragon, Falco, or other runtime security tools. Knowledge of air-gapped deployments and hardened Linux distributions (e.g., Flatcar, Bottlerocket).

TITLE: N/A JOB CODE: FLSA: Exempt SALARY GRADE: 7 CATEGORY: Full-time UNION REPRESENTATION: NA SCHEDULE: Hybrid SUPERVISORY ROLE Y/N: 11.2025 The Information Security Analyst I plays a critical role in safeguarding the organization's systems and information assets. This position supports the development and implementation of security strategies, tools, and guidelines to protect against unauthorized access, data breaches, and system disruptions. Responsibilities include monitoring and responding to Information Security-related alerts, supporting audit and risk assessment activities, evaluating internal controls, and recommending improvements to enhance security posture. The analyst assists in migrating non-compliant environments to meet regulatory standards and ensures adherence to data protection laws and banking industry compliance requirements. This role is foundational to maintaining the confidentiality, integrity, and availability of sensitive financial data and supporting the organization's overall cybersecurity framework. ESSENTIAL DUTIES Identity and Access Management Support access provisioning, modification, and termination processes to ensure timely and secure access control. Conduct administrator activity and user access reviews across IT systems, including privileged access audits and firewall/cloud app usage monitoring. Maintain asset and access inventories, perform recurring audits of critical systems, and reconcile against endpoint and network tools. Security Monitoring and Incident Response Monitor and respond to alerts from SIEM, IDS, firewalls, and endpoint protection systems. Conduct vulnerability scans, track remediation efforts, and facilitate related meetings. Maintain readiness for incident response activation, including participation in tabletop exercises. System Administration and Tool Management Administration of cloud computing environments, conditional access, and guest provisioning following established best practices. Manage software controls, browser extensions, and patching processes. Administer security camera system and ensure system uptime. Administer Mobile Device Management system. Threat Intelligence and Continuous Improvement Stay informed on emerging threats in the banking sector and contribute to threat intelligence reporting. Research and test new security tools, controls, and AI applications to enhance the Bank's security posture. Correctly identify true and false positives in alerting systems and tune these systems for continuous improvement. Security Awareness and Training Support phishing simulations and training campaigns, track completion, and report metrics to management. Documentation and Reporting Log findings, remediation efforts, and audit results in a structured ticketing system. Assist with vendor management program administration and reporting. Data Protection and Compliance Ensure compliance with GLBA, FFIEC, and other applicable regulations through log retention, configuration management oversight, and DLP monitoring. Administer data classification tools and respond to violations involving PII or sensitive data. Audit VPN usage and test controls across email, endpoint, and network security platforms. Completes mandatory compliance training in accordance with established deadlines. The position performs duties specific to the position and other functions as assigned. ROLE COMPETENCIES/SKILLS Attention to Detail Collaboration & Communication Diversity & Inclusion Execution & Ownership Time Management Compliance Innovation Systems Thinking Data Analysis & Management Information Security Network Operations Critical Thinking Consulting Analytical Thinking ENVIRONMENT, PHYSICAL & MENTAL ACTIVITIES The incumbent is in a non-confined office-type setting in which they are free to move about at will. It may include some minor annoyances such as noise, odors, drafts, etc. For Hybrid and Remote roles, work may also be performed away from BSB worksites depending on the position and requirements. For Hybrid/Remote work, employees are required to have an environment when working at home that has a dependable, high-speed internet connection and environment conducive to frequent phone or internet calls where private, confidential or other information is not visible, able to be overheard, or physically or electronically accessible to anyone else. The incumbent in the course of performing this position spends time writing, typing, speaking, listening, lifting (up to 10 pounds), driving, carrying, seeing (such as close, color and peripheral vision, depth perception and adjusted focus), sitting, pulling, walking, standing, squatting, kneeling and reaching. The incumbent for this position may operate any or all of the following: personal computer, cellular telephone, printer, fax, and other standard office equipment. The incumbent in this position must be able to accommodate reading documents or instruments, detailed work, problem solving, customer contact, reasoning, math, language, presentations, verbal and written communication, analytical reasoning, stress, multiple concurrent tasks and constant interruptions. The work environment characteristics, physical and mental demands described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. POSITION REQUIREMENTS Minimum Qualifications Bachelor's degree in Information Technology, Cybersecurity, or a related field, or equivalent combination of education and experience. 5 years of professional experience in IT support or related technical roles. Foundational understanding of cybersecurity principles, including access control, endpoint protection, and network monitoring. Familiarity with Microsoft 365, Active Directory, and basic system administration tasks. Ability to conduct audits, manage tickets, and document findings accurately. Strong analytical and troubleshooting skills. Effective communication skills and ability to collaborate across departments. Preferred Qualifications Bachelor's degree in Information Technology, Cybersecurity, or a related field. Experience with banking industry compliance standards (e.g., GLBA, FFIEC). Hands-on experience with security tools such as SIEM, DLP, IDS/IPS, EDR, Email Filtering, and Firewalls. Exposure to vulnerability management platforms and identity/access management processes. Familiarity with Microsoft cloud services and Mobile Device Management. Experience supporting or administering phishing simulations, security awareness programs, or similar efforts. Knowledge of vendor management platforms and data classification tools. Management reserves the right to change this position description at any time according to business needs. #LI_Hybrid

SurveyMonkey is the world's most popular platform for surveys and forms, built for business-loved by users. We combine powerful capabilities with intuitive design, effectively serving every use case, from customer experience to employee engagement, market research to payment and registration forms. With built-in research expertise and AI-powered technology, it's like having a team of expert researchers at your fingertips. Trusted by millions-from startups to Fortune 500 companies-SurveyMonkey helps teams gather insights and information that inspire better decisions, create experiences people love, and drive business growth. Discover how at surveymonkey.com. What we're looking for We're seeking a Senior Systems Engineer to join our Business Systems Automation team to design, build, and optimize automation workflows that streamline business processes across the organization. As a key member of the Scrum team, you will lead the end-to-end delivery of automation initiatives, including supporting process discovery, completing solution design, development, deployment, and robust production support for automations and cloud-native data pipelines. This isn't just a development role; you'll partner closely with both technical and non-technical stakeholders to translate complex business challenges into impactful, measurable automation solutions. You'll play a crucial role in helping the team identify business benefits and help drive operational improvements. What you'll be working on Lead design and development of complex automation workflows and integrations across business systems. Collaborate with stakeholders to analyze processes and identify automation opportunities. Provide production support for existing and future automation and Lambda workflows, including monitoring, issue resolution, queue oversight, and user interactions Write and maintain Python-based scripts to support automation, integration, and data transformation tasks Collaborate closely with peers to maintain documentation, code hygiene, and continuous improvement cycles Implement error handling, logging, and monitoring for all workflows to ensure operational reliability. Work with IT security and governance teams to ensure all integrations comply with data privacy, security, and compliance standards. Troubleshoot and resolve integration issues, ensuring minimal disruption to business operations. Provide technical mentorship to junior engineers. Contribute to measurable productivity savings, write clear business use-cases, define business impact metrics, support and design solutions that reduce manual effort, improve data reliability, reduce costs, and scale business operations. We'd love to hear from people with 5+ years of experience delivering automation solutions, workflows, and pipelines for stakeholders Strong technical expertise with integration and automation/ AI platforms (e.g., Workato, MuleSoft, Glean, etc). Ability to work effectively within an agile team environment and demonstrate strong ownership of assigned responsibilities and goals Proficiency in Python or JavaScript for scripting and API integrations Hands-on experience delivering solutions across ERP, CRM, HRIS, or other SaaS business applications. Detail-oriented, able to prioritize multiple tasks under tight deadlines, and able to work in an efficient, quick, and organized manner Experience mentoring junior staff and fostering team development. System certifications (Workato, Mulesoft, etc) are a plus Experience with UiPath is a plus Experience working in a scrum environment The base pay provided for this position ranges from $125,375 / year - $169,625 / year depending on the geographic market and assuming a full-time schedule. Actual base pay is based on a number of factors including market location, job-related knowledge, education or training, skills, and experience. Bonuses and commissions may also be offered as part of the total compensation package, in addition to a competitive benefits package including medical, dental, vision, life, and disability insurance; 401(k) retirement plan; flexible spending & health savings account; paid holidays; paid time off; employee assistance program; and other company benefits. #LI-remote Why SurveyMonkey? We're glad you asked At SurveyMonkey, curiosity powers everything we do. We're a global company where people from all backgrounds can make an impact, build meaningful connections, and grow their careers. Our teams work in a flexible, hybrid environment with thoughtfully designed offices and programs like the CHOICE Fund to help employees thrive in work and life. We've been trusted by organizations for over 25 years, and we're just getting started. Our milestones include celebrating a quarter-century of curiosity with 25 acts of giving, opening new hubs in Costa Rica and India, crossing the threshold of 100 billion questions answered, and earning recognition as one of the Most Inspiring Workplaces across North America and Asia. We live our company values-like championing inclusion and making it happen-by embedding them into how we hire, collaborate, and grow. They help shape everything from our culture to our business decisions. Come join us and see where your curiosity can take you. Our commitment to an inclusive workplace SurveyMonkey is an equal opportunity employer committed to providing a workplace free from harassment and discrimination. We celebrate the unique differences of our employees because that is what drives curiosity, innovation, and the success of our business. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, gender identity or expression, age, marital status, veteran status, disability status, pregnancy, parental status, genetic information, political affiliation, or any other status protected by the laws or regulations in the locations where we operate. Accommodations are available for applicants with disabilities.

Who You'll Work With As a modern technology company, our Slalom Technologists are disrupting the market and bringing to life the art of the possible for our clients. We have passion for building strategies, solutions, and creative products to help our clients solve their most complex and interesting business problems. We surround our technologists with interesting challenges, innovative minds, and emerging technologies. Join the Slalom Cloud Team -a team of trailblazers ensuring we achieve our strategic goals through innovation and investment in the future. You'll collaborate with local market teams, niche experts, and global partners to drive cloud solution sales and empower clients on their cloud transformation journey. As a key member of Slalom's Google Cloud Center of Excellence, you'll leverage our award-winning partnerships and multidisciplinary teams to deliver business value and technical excellence for high-impact security and infrastructure solutions. What You'll Do * Stay current with security trends, technologies, and best practices around Google Cloud solutions, leveraging tools like Cloud IAM, Cloud Security Command Center, BeyondCorp, and Cloud Armor. * Define and guide transformational security strategies for Google Cloud environments, ensuring alignment with Google's Zero Trust and BeyondCorp principles. * Translate complex regulatory requirements (e.g., GDPR, SOC 2, HIPAA) and technology standards into actionable functional and technical requirements for cloud and hybrid environments, ensuring security and compliance. * Lead teams through various phases of gap analyses, including security assessments, remediation planning, roadmap development, and implementation of remediation actions using Google Cloud-native tools. * Deliver on the vision, architecture, execution, and quality assurance of security projects on Google Cloud, driving initiatives that secure enterprise workloads and data. * Guide stakeholders and senior leaders on aligning security solutions with broader business goals, ensuring the architecture follows Google Cloud's security best practices and roadmap. * Establish security architecture patterns based on Google Cloud security frameworks and industry standards to meet the unique needs of enterprise clients. * Collaborate with other Google Cloud architects and security teams to continuously improve security knowledge assets and best practices, ensuring the most effective security solutions for clients. * Design and architect solutions to secure Generative AI models and applications against adversarial attacks, prompt injection, and their potential misuse for malicious cyber activities. What You'll Bring * Proven experience with Google Cloud security architecture, with hands-on experience in tools like Cloud IAM, VPC Service Controls, Cloud DLP, and Cloud Armor. * Strong background in defining and implementing Zero Trust and BeyondCorp security models within Google Cloud environments. * Familiarity or direct experience with Identity and Access Management (IAM), Data Protection, Vulnerability Management, and Cloud Security solutions in Google Cloud. * Extensive experience with security design patterns specific to Google Cloud, as well as hybrid and multi-cloud security architecture. * Experience in security and risk advisory consulting, particularly related to cloud security transformations. * Ability to lead the development and implementation of cloud security roadmaps aligned with business goals and compliance needs. * Familiarity with Google Cloud's Artificial Intelligence (AI) capabilities (e.g., Vertex AI, Generative AI services, Model Armor) including their applications, associated security risks (e.g., prompt injection, data poisoning, privacy concerns), and proven strategies for implementing security controls, governance, and responsible AI practices. * Relevant certifications are strongly desired but not required, including (but not limited to): * GCP Professional Security Engineer * GCP Professional Cloud Architect * CISSP * Security+ About Us Slalom is a fiercely human business and technology consulting company that leads with outcomes to bring more value, in all ways, always. From strategy through delivery, our agile teams across 52 offices in 12 countries collaborate with clients to bring powerful customer experiences, innovative ways of working, and new products and services to life. We are trusted by leaders across the Global 1000, many successful enterprise and mid-market companies, and 500+ public sector organizations to improve operations, drive growth, and create value. At Slalom, we believe that together, we can move faster, dream bigger, and build better tomorrows for all. Compensation and Benefits Slalom prides itself on helping team members thrive in their work and life. As a result, Slalom is proud to invest in benefits that include meaningful time off and paid holidays, parental leave, 401(k) with a match, a range of choices for highly subsidized health, dental, & vision coverage, adoption and fertility assistance, and short/long-term disability. We also offer yearly $350 reimbursement account for any well-being-related expenses, as well as discounted home, auto, and pet insurance. Slalom is committed to fair and equitable compensation practices. Slalom is committed to fair and equitable compensation practices. For this role, we are targeting the following levels and salary ranges: East Bay, San Francisco, Silicon Valley: * Senior Consultant: $131,000-$196,500 San Diego, Los Angeles, Orange County, Seattle, Houston, New Jersey, New York City, Westchester, Boston, Washington DC: * Senior Consultant: $120,000-$180,000 All other locations: * Senior Consultant: $110,000-$165,000 In addition, individuals may be eligible for an annual discretionary bonus. Actual compensation will depend upon an individual's skills, experience, qualifications, location, and other relevant factors. The salary pay range is subject to change and may be modified at any time. EEO and Accommodations Slalom is an equal opportunity employer and is committed to inclusion, diversity, and equity in the workplace. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veterans' status, or any other characteristic protected by federal, state, or local laws. Slalom will also consider qualified applications with criminal histories, consistent with legal requirements. Slalom welcomes and encourages applications from individuals with disabilities. Reasonable accommodations are available for candidates during all aspects of the selection process. Please advise the talent acquisition team if you require accommodations during the interview process.

If you are a technology visionary with a passion for transforming global tax business with digital technology, consider working with the US Tax Transformation technology team. This is an exciting opportunity to support global execution of Deloitte's tax strategy as we shift from "doing digital" to "being digital" by reimagining how we engage with our clients, deliver our services, operate our business, and create value. Work you'll do As a Deloitte Lead AI Security Engineer, you will be crucial in safeguarding our advanced AI models, data, and infrastructure. You'll work closely with Data Scientists, Data Engineers, and MLOps/DevOps teams. Additional responsibilities include: * Implement defences against AI-specific attacks (adversarial, prompt injection, data leakage) * Conduct AI-focused security assessments, penetration tests, red/purple team exercises * Analyse AI system vulnerabilities, develop mitigation strategies, and create AI risk heat maps * Implement security controls throughout the AI/ML lifecycle (data handling, training with GPU isolation, deployment, monitoring, versioning, provenance). Integrate SAST/DAST for ML artifacts * Manage audit trails and automated compliance checks * Implement AI-specific incident response and develop regulatory disclosure playbooks * Manage AI security monitoring, implement executive dashboards linking security to business KPIs, develop security metrics (Adversarial Risk Score, Model Drift Index) * Implement secure training environments and fine-grained data access controls * Contribute to AI-generated fraud detection in transaction monitoring systems. * Act as an AI security SME, continuously research emerging threats The Team Deloitte Tax LLP's Tax Transformation Office (TTO) is responsible for the design, development, and deployment of innovative, enterprise technology, tools, and standard processes to support the delivery of tax services. The TTO team focuses on enhancing Deloitte Tax LLP's ability to deliver comprehensive, value-added, and efficient tax services to our clients. It is a dynamic team with professionals of varying backgrounds from tax technical, technology development, change management, Six Sigma, and project management. The team consults and executes on a wide range of initiatives involving process and tool development and implementation including training development, engagement management, tool design, and implementation. Qualifications Required: * Bachelor's degree in computer science or other relevant discipline. * Ability to perform job responsibilities within a hybrid work model that requires US Tax professionals to co-locate in person 2 - 3 days per week. * 3+ years' cybersecurity experience (application, cloud and data security) including translating regulatory frameworks (NIST AI RMF, EU AI Act) into technical controls. * Demonstrated proficiency in security scripting, automation, and tool development. * Hands-on experience with the Azure Cloud ecosystem and its security services. * Ability to travel 10%, on average, based on the work you do and the clients and industries/sectors you serve * Limited immigration sponsorship may be available. * One of the following active accreditations obtained, in process, or willing and able to obtain: * Licensed CPA in state of practice/primary office if eligible to sit for the CPA * If not CPA eligible: * Licensed Attorney * Enrolled Agent * Technology Certifications: * AWS Certified Solutions Architect * Certified Information Systems Security Professional (CISSP) * Certified SAFe Agile Software Engineer * Certified SAFe Agilist * Certified SAFe DevOps Practitioner * Certified Secure Software Lifecycle Professional (CSSLP) * Certified Secure Software Lifecycle Professional (CSSLP) - (ISC)2 * ISTQB (International Software Testing Qualifications Board) * ITIL Certification * Microsoft Azure * SEI - Software Engineering Institute Certification Preferred: * Expertise in identifying and mitigating AI/ML security threats, including adversarial attacks, prompt injection, and data leakage. * Solid knowledge of AI/ML security frameworks (NIST AI RMF, OWASP, ISO/IEC 27001) and ability to apply them as technical controls. * Experience applying data privacy regulations (GDPR, DORA, EU AI Act) in enterprise AI environments. * Proficiency with Azure security tools (Sentinel, Monitor, Policy, Purview, Key Vault, Azure ML). * Hands-on skills in securing and monitoring MLOps/LLMOps pipelines, including data versioning, provenance, GPU isolation, and deployment. * Ability to automate compliance, incident detection, and security assessments for AI/ML models, using Azure Monitor, KQL, and related tools. * Experience designing secure training environments and implementing fine-grained data access controls. * Track record of researching and deploying innovative AI security solutions; recognized as a subject matter expert (SME). * Strong communication and collaboration abilities with technical and business teams, translating security risks into actionable business insights. The wage range for this role takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled. At Deloitte, it is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range is $84,980 to $193,440 You may also be eligible to participate in a discretionary annual incentive program, subject to the rules governing the program, whereby an award, if any, depends on various factors, including, without limitation, individual and organizational performance. Information for applicants with a need for accommodation: ************************************************************************************************************ Recruiting tips From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters. Benefits At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. Learn more about what working at Deloitte can mean for you. Our people and culture Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work. Our purpose Deloitte's purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Learn more. Professional development From entry-level employees to senior leaders, we believe there's always room to learn. We offer opportunities to build new skills, take on leadership opportunities and connect and grow through mentorship. From on-the-job learning experiences to formal development programs, our professionals have a variety of opportunities to continue to grow throughout their career. As used in this posting, "Deloitte" means Deloitte Tax LLP, a subsidiary of Deloitte LLP. Please see ********************************* for a detailed description of the legal structure of Deloitte LLP and its subsidiaries. Certain services may not be available to attest clients under the rules and regulations of public accounting. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law. Qualified applicants with criminal histories, including arrest or conviction records, will be considered for employment in accordance with the requirements of applicable state and local laws, including the Los Angeles County Fair Chance Ordinance for Employers, City of Los Angeles's Fair Chance Initiative for Hiring Ordinance, San Francisco Fair Chance Ordinance, and the California Fair Chance Act. See notices of various fair chance hiring and ban-the-box laws where available. Fair Chance Hiring and Ban-the-Box Notices | Deloitte US Careers Requisition code: 315506 Job ID 315506

Job Description At Pacific Seafood, we do more than just provide the world with the healthiest proteins on the planet. We are a family-owned, excellence-driven organization committed to being the brand of choice in the marketplace and the employer of choice in the community. We believe in servant leadership, investing in our team members' personal and professional growth, and rewarding performance. We live by the core values of our Diamond Philosophy: Teamwork, Productivity, Quality, and Excellence-which means consistently doing your best and always striving to do better. Summary: The Senior Security Engineer at Pacific Seafood is a key role in our information technology team supporting efforts to strengthen, enhance, and protect the security posture of our enterprise environment. This position involves leading security initiatives, monitoring and improving security controls, driving incident response and partnering across IT and business teams and is ideal for someone who is proactive, highly analytical, calm under pressure and passionate about building a security by design culture. Key Responsibilities: 1. Security Engineering & Architecture: Establish, maintain and implement enterprise security best practices, policies and hardening standards Participate in architectural reviews and provide security requirements for new systems, applications, cloud resources and infrastructure Integrate new security technologies into existing environments and ensure secure configuration of all systems 2. Threat Detection & Vulnerability Management: Leverage and centralize all logging platforms Conduct proactive threat hunting, log analysis and behavioral detection reviews Perform vulnerability scanning, prioritization, and remediation planning with cross functional teams 3. Incident Response & Security Operations: Oversee the incident response lifecycle including detection, containment, eradication and recovery Develop incident response playbooks and runbooks, and post-incident review documentation Support endpoint detection and response, antivirus tools, server/endpoint security controls 4. Network, Analysis & Security: New Network Device Detection and Threat Determination Device Anomalous Communication Detection and Remediation Network segmentation strategy Firewall Device and User Policy Determination Other duties as assigned Additional responsibilities may be assigned as deemed necessary to support the overall goals and objectives of the position. What you bring to Pacific Seafood: Required: Bachelor's degree in Computer Science or equivalent professional experience Minimum of five years of related experience in information security or infrastructure security Strong experience with Active Directory, Azure Entra ID, MFA, and identity lifecycle management Hands-on experience with endpoint and server security tools including EDR, anti-virus, and configuration baselines Working knowledge of firewalls, enterprise networking, and network security policies Experience with centralized logging solutions, SIEM tools, and vulnerability scanners Ability to analyze technical and non-technical controls, identify gaps, and propose remediations Experience conducting internal security audits, investigations, and compliance reviews Strong communication, documentation, and problem-solving skills Ability to travel as necessary; valid driver's license Preferred: Experience leading enterprise-wide security projects or architectural reviews Palo Alto Security toolset experience (Strata, IoT, PanOS, Cortex XDR) Experience with Microsoft Exchange, Microsoft Purview, and email security tools Experience with privileged access management (PAM) systems Threat hunting and SIEM rule development experience (Sentinel, LogRhythm, etc.) Security certifications such as CISSP, GSEC, CEH, or equivalent Total compensation: At Pacific Seafood your base wage is only a portion of your overall compensation package. We invest in our Team Members through a comprehensive and attractive total rewards package, including but not limited to: Health insurance benefits options, including medical, prescription, vision, dental, basic group life and short term disability. Flexible spending accounts for health flex and dependent care expenses 401(k) Retirement Plan options with generous annual company profit sharing match Paid time off for all regular FT team members, to include sick days, paid holidays, vacation and personal time Employee Assistance Program- Confidential professional counseling, financial, and legal assistance provided at no charge to Team Members and immediate family members Product purchase program Pacific Seafood is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protected by law. Powered by JazzHR mBmt6CwGJB

Job Description The Security Engineer will focus on hardening and isolating K3s clusters to minimize blast radius in the event of compromise. This includes enforcing Linux security modules (SELinux, AppArmor), leveraging TPM for secure boot and attestation, implementing least privilege across nodes and workloads, and ensuring multi-tenant isolation within hybrid Kubernetes environments (x86, ARM, accelerators). Responsibilities Security Architecture & Policy Enforcement Design and implement security-first cluster configurations for K3s nodes. Enforce mandatory access control (MAC) using SELinux and AppArmor profiles for pods and system services. Integrate TPM-based attestation and secure boot for cluster nodes to ensure trust in hardware and OS integrity. Establish node, pod, and namespace isolation strategies to reduce lateral movement risk. Harden cluster components (API server, etcd, kubelet) following CIS and NSA Kubernetes security benchmarks. Blast Radius Reduction Define and enforce workload sandboxing strategies (seccomp, AppArmor, SELinux contexts, gVisor/Kata if applicable). Configure minimal privilege policies (RBAC, PodSecurityStandards, NetworkPolicies) to ensure least-privilege execution. Implement namespace, node pool, and hardware partitioning to confine workloads and protect sensitive applications. Apply resource quotas, limits, and scheduling constraints to contain denial-of-service blast radius. Integration with Identity & Secrets Management Work with Security team to ensure strong identity, authentication, and authorization models. Integrate TPM-backed secrets storage and HSM/KMS systems for cryptographic operations. Ensure secure distribution of workload secrets with solutions like SealedSecrets, HashiCorp Vault, or SOPS. Runtime & Supply Chain Security Enforce image signing and verification with cosign or Notary. Integrate SBOM scanning and vulnerability management into CI/CD pipelines. Monitor workloads for runtime anomalies (Falco, Cilium Tetragon, or equivalent). Apply kernel hardening measures (seccomp-bpf, kernel lockdown, IMA/EVM with TPM). Monitoring & Incident Response Build observability hooks for security events (audit logs, syscall monitoring, TPM attestations). Define blast radius response runbooks for compromised pods or nodes. Work with SRE and Security teams to test chaos/security drills simulating breaches. Deliverables K3s cluster baseline hardened with SELinux and AppArmor profiles. TPM-enabled secure boot and node attestation pipeline. Enforced PodSecurityStandards and workload sandboxing (seccomp, gVisor/Kata optional). Documentation of isolation strategies (namespaces, node pools, network segmentation). Audit-ready evidence of compliance with CIS/NSA Kubernetes security benchmarks. Security runbooks for containment and blast radius reduction. Required Skills & Experience Strong knowledge of K3s/Kubernetes internals, especially security features. Hands-on experience with SELinux, AppArmor, seccomp, and Linux capabilities. Experience with TPM (Trusted Platform Module) for secure boot and attestation. Deep understanding of Pod Security (PodSecurityPolicies/Standards, OPA/Gatekeeper/Kyverno). Experience implementing RBAC, NetworkPolicies, and workload isolation at scale. Proficiency in Linux kernel security mechanisms and debugging. Familiarity with container runtimes (containerd, CRI-O, gVisor, Kata) and their security implications. Strong background in incident response, forensic data collection, and audit logging in Kubernetes. Nice to Have Contributions to Kubernetes SIG-Security or open-source security tooling. Experience with supply chain security frameworks (SLSA, NIST 800-190). Familiarity with confidential computing (TEE/SGX/SEV) for workload isolation. Hands-on with Cilium Tetragon, Falco, or other runtime security tools. Knowledge of air-gapped deployments and hardened Linux distributions (e.g., Flatcar, Bottlerocket).