Senior Kubernetes Engineer / Security / Azure DevOps - SUSE NeuVector

This role requires security clearance, you must be a US Citizen to qualify for this role*

This is a contract role focused on implementing Container Security to secure DevOps platforms in various stages in lifecycle of software deployment in an Azure DevOps environment.

This container security tool will embed in Devops pipeline to provide following functionality :

Network visibility

Vulnerability management

Compliance policies

Run time security

Build scan

Container segmentation

Project Scope : Contractor shall work under the direction of Client’s project manager to :

Collaborate with customer administrators for the deployment and maintenance of Kubernetes and Container Security Tool. (Kubernetes is an open-source container orchestration system for automating software deployment, scaling, and management.

Confirm necessary access to create the Kubernetes cluster for Container Security Tool configuration

Project Preparations (Remote).

Prior to the onsite installation and configuration activities, the Contractor will schedule a conference call with the customer to ensure the necessary technical prerequisites are understood and prepared prior to the onsite project activities.

Facilitate an Introduction Call to accomplish the following : Introduction of customer and Contract team members :

Review customer’s Container Security Tool expectations and requirements

Answer initial questions on Container Security Tool capabilities

Discuss high-level design considerations

Finalize logistics and design

Deploy Kubernetes as a new Container Security Tool master node in the Enterprise & Grid environment

Build Kubernetes cluster for the environment in scope

Deploy Container Security Tool into production environments

Determine scanning for centralized repository

Design federating managed clusters per customer-supplied plan

Create configmap automation to help with automatic deployment of Container Security Tool into subsequent projects

Create overall federation plan for production from pre-production environment

Create overall Custom Resource Definition (CRD) security-as-code plan

Create configmap automation to help with automatic deployment of Container Security Tool into subsequent projects

Overall federation plan for production from pre-production environment

Create overall CRD security-as-code plan

Create rules to federate to other clusters.

After the main cluster is created, federation rules can be configured in the main cluster. These rules can be automatically distributed to other clusters.

Through the federated cluster, the security policies and rules of each cluster can be uniformly deployed and managed, simplifying the management process.

The managed cluster has no right to change these federal rules, which ensures that the managed cluster will not violate the security rules and improves the security of the managed cluster.

Review Continuous integration and Continuous Delivery (CICD) Integration. Assist in the definition of image scanning as part of build process.

Container Security Tool Enablement.

Throughout this engagement, Consultant will share expertise and experience with the customer team on best-practice and use of Container Security Tool in the Grid and Enterprise environments.

Provide a structured close and transition of the project.

Provide artifacts and templates, enablement to continue customer driven automation

Configmap

Unique environment documentation

Prepare an end of engagement report to include :

Activities performed

Environment changes

Architecture & configuration summary

Recommended next steps

Recommend training

Review next step recommendations

Review on-going SUSE support cases and incidents created for Container Security Tool during project phase

Please note : US Citizenship is required as part of Critical Infrastructure security protocols and the selected candidate must pass a security background check

Work is remote but candidates must be able to work 9-5 Pacific time