Cloud Security Engineer – Container Networking

Project Overview

Client is seeking a Cloud Security Engineer with strong expertise in Azure networking and Kubernetes security. This role focuses on designing implementing and operationalizing security controls for containerized environments with an emphasis on Azure Kubernetes Service (AKS). The engineer will work closely with security infrastructure and DevOps teams to embed security into cloud and container platforms.

This is a 9 month contract role with potential for extension and conversion.

Key Responsibilities

• Develop and maintain security baselines for container clusters including networking identity and workload isolation.
• Design and enforce secure Azure networking architectures using VNets NSGs Azure Firewall Private Endpoints and service mesh integrations.
• Harden AKS clusters by implementing CIS benchmarks RBAC pod security controls and container image scanning.
• Conduct threat modeling and security risk assessments for AKS deployments and related Azure services.
• Automate secure infrastructure deployments using Terraform Bicep or ARM templates.
• Integrate AKS environments with Azure Security Center Defender for Containers and other monitoring tools to ensure continuous compliance.
• Participate in Scrum ceremonies review ready work items and collaborate with stakeholders security teams and infrastructure partners.

Required Qualifications

• Minimum of 4 years of relevant experience in cloud and container security.
• Strong hands-on experience with Azure Kubernetes Service (AKS) and Kubernetes security best practices.
• Deep knowledge of Azure networking including VNets NSGs Azure Firewall Private Link and ExpressRoute.
• Experience with Azure Policy Defender for Cloud and Microsoft Entra ID (Azure AD).
• Understanding of security frameworks and principles such as CIS benchmarks NIST and Zero Trust.
• Proficiency with Infrastructure as Code tools (Terraform Bicep or ARM).
• Scripting experience using PowerShell or Python.
• Ability to work independently and take ownership of deliverables.
• Willingness and ability to work onsite at least 4 days per week.

Technical & Soft Skills

Technical Skills:

• Containers/Docker
• Kubernetes and AKS security
• Azure networking and cloud security controls
• Infrastructure as Code (Terraform Bicep ARM)
• Security monitoring and compliance tooling

Soft Skills:

• Strong analytical and problem-solving abilities
• Clear written and verbal communication skills
• Ability to explain security concepts to both technical and non-technical audiences
• Collaborative mindset with a focus on enabling secure solutions