Senior Kubernetes Engineer / Security / Azure DevOps - SUSE NeuVector
This role requires security clearance, you must be a US Citizen to qualify for this role*
This is a contract role focused on implementing Container Security to secure DevOps platforms in various stages in lifecycle of software deployment in an Azure DevOps environment.
This container security tool will embed in Devops pipeline to provide following functionality :
Network visibility
Vulnerability management
Compliance policies
Run time security
Build scan
Container segmentation
Project Scope : Contractor shall work under the direction of Client’s project manager to :
Collaborate with customer administrators for the deployment and maintenance of Kubernetes and Container Security Tool. (Kubernetes is an open-source container orchestration system for automating software deployment, scaling, and management.
Confirm necessary access to create the Kubernetes cluster for Container Security Tool configuration
Project Preparations (Remote).
Prior to the onsite installation and configuration activities, the Contractor will schedule a conference call with the customer to ensure the necessary technical prerequisites are understood and prepared prior to the onsite project activities.
Facilitate an Introduction Call to accomplish the following : Introduction of customer and Contract team members :
Review customer’s Container Security Tool expectations and requirements
Answer initial questions on Container Security Tool capabilities
Discuss high-level design considerations
Finalize logistics and design
Deploy Kubernetes as a new Container Security Tool master node in the Enterprise & Grid environment
Build Kubernetes cluster for the environment in scope
Deploy Container Security Tool into production environments
Determine scanning for centralized repository
Design federating managed clusters per customer-supplied plan
Create configmap automation to help with automatic deployment of Container Security Tool into subsequent projects
Create overall federation plan for production from pre-production environment
Create overall Custom Resource Definition (CRD) security-as-code plan
Create configmap automation to help with automatic deployment of Container Security Tool into subsequent projects
Overall federation plan for production from pre-production environment
Create overall CRD security-as-code plan
Create rules to federate to other clusters.
After the main cluster is created, federation rules can be configured in the main cluster. These rules can be automatically distributed to other clusters.
Through the federated cluster, the security policies and rules of each cluster can be uniformly deployed and managed, simplifying the management process.
The managed cluster has no right to change these federal rules, which ensures that the managed cluster will not violate the security rules and improves the security of the managed cluster.
Review Continuous integration and Continuous Delivery (CICD) Integration. Assist in the definition of image scanning as part of build process.
Container Security Tool Enablement.
Throughout this engagement, Consultant will share expertise and experience with the customer team on best-practice and use of Container Security Tool in the Grid and Enterprise environments.
Provide a structured close and transition of the project.
Provide artifacts and templates, enablement to continue customer driven automation
Configmap
Unique environment documentation
Prepare an end of engagement report to include :
Activities performed
Environment changes
Architecture & configuration summary
Recommended next steps
Recommend training
Review next step recommendations
Review on-going SUSE support cases and incidents created for Container Security Tool during project phase
Please note : US Citizenship is required as part of Critical Infrastructure security protocols and the selected candidate must pass a security background check
Work is remote but candidates must be able to work 9-5 Pacific time