US_East | Platform Engineering - Linux/Unix Admin_L3Expedite Technology Solutions • IL
US_East | Platform Engineering - Linux / Unix Admin_L3
Expedite Technology Solutions • IL
6 לפני ימים
תיאור המשרהDefine and enforce workload sandboxing strategies (seccomp, AppArmor, SELinux contexts, gVisor / Kata if applicable). Configure minimal privilege policies (RBAC, PodSecurityStandards, NetworkPolicies) to ensure least-privilege execution. Implement namespace, node pool, and hardware partitioning to confine workloads and protect sensitive applications. Apply resource quotas, limits, and scheduling constraints to contain denial-of-service blast radius. Work with Security team to ensure strong identity, authentication, and authorization models. Integrate TPM-backed secrets storage and HSM / KMS systems for cryptographic operations. Ensure secure distribution of workload secrets with solutions like SealedSecrets, HashiCorp Vault, or SOPS. Enforce image signing and verification with cosign or Notary. Integrate SBOM scanning and vulnerability management into CI / CD pipelines. Monitor workloads for runtime anomalies (Falco, Cilium Tetragon, or equivalent). Apply kernel hardening measures (seccomp-bpf, kernel lockdown, IMA / EVM with TPM). Build observability hooks for security events (audit logs, syscall monitoring, TPM attestations). Define blast radius response runbooks for compromised pods or nodes. Work with SRE and Security teams to test chaos / security drills simulating breaches. Strong knowledge of Ks / Kubernetes internals, especially security features. Hands-on experience with SELinux, AppArmor, seccomp, and Linux capabilities. Experience with TPM (Trusted Platform Module) for secure boot and attestation. Deep understanding of Pod Security (PodSecurityPolicies / Standards, OPA / Gatekeeper / Kyverno). Experience implementing RBAC, NetworkPolicies, and workload isolation at scale. Proficiency in Linux kernel security mechanisms and debugging. Familiarity with container runtimes (containerd, CRI-O, gVisor, Kata) and their security implications. Strong background in incident response, forensic data collection, and audit logging in Kubernetes. Contributions to Kubernetes SIG-Security or open-source security tooling. Experience with supply chain security frameworks (SLSA, NIST -). Familiarity with confidential computing (TEE / SGX / SEV) for workload isolation. Hands-on with Cilium Tetragon, Falco, or other runtime security tools. Knowledge of air-gapped deployments and hardened Linux distributions (, Flatcar, Bottlerocket).
"Possible Month CTH | No Fees | Do Not Re-Post| Confidential
TMR ID : STPH
Role : Ks SecurityEngineer
Work location : Portland, Oregon
Background and Meet and Greet : MANDATORY
Job Description :
"Ks Security & Isolation Specialist
Context :
The Security Engineer will focus on hardening and isolating Ks clusters to minimize blast radius in the event of compromise. This includes enforcing Linux security modules (SELinux, AppArmor), leveraging TPM for secure boot and attestation, implementing least privilege across nodes and workloads, and ensuring multi-tenant isolation within hybrid Kubernetes environments (x, ARM, accelerators).
Key Responsibilities :
"Security Architecture & Policy Enforcement
- Design and implement security-first cluster configurations for Ks nodes.
- Enforce mandatory access control (MAC) using SELinux and AppArmor profiles for pods and system services.
- Integrate TPM-based attestation and secure boot for cluster nodes to ensure trust in hardware and OS integrity.
- Establish node, pod, and namespace isolation strategies to reduce lateral movement risk.
- Harden cluster components (API server, etcd, kubelet) following CIS and NSA Kubernetes security benchmarks.
Blast Radius Reduction
Integration with Identity & Secrets Management
Runtime & Supply Chain Security
Monitoring & Incident Response
What are the Mandatory skills and skill proficiencies required for this position?
What are the Optional skills and skill proficiencies for this position?
The following details must accompany your submission :
First Name, Middle name, and Last Name :
City and State :
Open to Relocate?
Rate : Availability :
Phone :
Mobile :
Email address :
Visa type :
Visa Expiration Date :
Hiring Status :
MiguelAngel Buonafina - ERM
North America
Tel. : +"
צור התראת עבודה עבור חיפוש זה
USEast Platform Engineering LinuxUnix AdminL3 • IL
משרות דומות
We are recruiting freelance gaming translators / mtpe editors and reviewers for multiple AAA games projects from English into Hebrew.
We are looking for professional linguists with experience in video...להראות יותר
Contracted to a UAE-based enterprise client.Remote (Eastern Europe / MENA / India preferred).You will be responsible for defining intuitive, scalable user experiences and delivering polished, produ...להראות יותר
Blockchain Architect - ChainGPT.Remote (Middle East) - (Global Application Allowed, choose the region closest to you to apply).
ChainGPT is a dynamic blockchain and AI company that prioritizes innov...להראות יותר Senior & Lead Fullstack Engineers (React / Node.Contracted to a UAE-based enterprise client.Remote (Eastern Europe / MENA / India preferred).
Senior and Lead Fullstack Engineers.This role combin...להראות יותר Contracted to a UAE-based enterprise blockchain / fintech client.Remote (Eastern Europe / MENA / India preferred).Layer-2 scaling solutions within a custom blockchain ecosystem supporting enterpris...להראות יותר Senior & Lead Frontend Engineers (React / TypeScript).Contracted to a UAE-based enterprise client.Remote (Eastern Europe / MENA / India preferred).
Senior and Lead Frontend Engineers.You will bu...להראות יותר 
As a Senior Desktop Engineer you will design, build, and maintain desktop applications for macOS and Windows environments.
This role involves working across both system and application layers to del...להראות יותר Remote (Middle East) - (Global Application Allowed, choose the region closest to you to apply).ChainGPT is a dynamic blockchain and AI company that prioritizes innovation, transparency, and meaning...להראות יותר 
Sales Target : Independently achieve a target through proactive business development and sales strategies.Product Demonstration and Training : Conduct effective product demonstrations and training se...להראות יותר
Quadric has created an innovative general purpose neural processing unit (GPNPU) architecture.Quadric's co-optimized software and hardware is targeted to run neural network (NN) inference workloads...להראות יותר Contracted to a UAE-based enterprise blockchain / fintech client.Remote (Eastern Europe / MENA / India preferred).Senior Frontend Engineer (Web3).
You will build secure, high-performance web applica...להראות יותר Senior & Lead Android Engineers.Contracted to a UAE-based enterprise client.Remote (Eastern Europe / MENA / India preferred).
Senior and Lead Android Engineers.You will be responsible for buildi...להראות יותר Senior & Lead Java Engineers.Contracted to a UAE-based enterprise client.Remote (Eastern Europe / MENA / India preferred).
Senior and Lead Java Engineers.Engineers will work on enterprise backen...להראות יותר Senior & Lead QA Automation Engineers.Contracted to a UAE-based enterprise client.Remote (Eastern Europe / MENA / India preferred).
Senior and Lead QA Automation Engineers.You will be responsibl...להראות יותר Ecosystem Growth Manager (AI & DePIN) - Middle East.Remote (Middle East) - (Global Application Allowed, choose the region closest to you to apply).
Ecosystem Growth Manager (AI & DePIN) - Af...להראות יותר 
Join the Global LT community and help provide language lessons to business professionals and their families worldwide.We are hiring an Online Dutch-speaking Polish Language Teacher to p...להראות יותר
The Dev / Ops Engineer (Internal Systems & Automation) is responsible for developing, integrating,.This unique role bridges development and.
APIs, SQL environments, data pipelines, and custom appl...להראות יותר Contracted to a UAE-based enterprise blockchain / fintech client.Remote (Eastern Europe / MENA / India preferred).Layer-1 blockchain ecosystem supporting enterprise-grade financial systems.You will...להראות יותר
English into Hebrew MT Post-Editors & Reviewers-Gaming
Keywords Studios • IL
Quick Apply
עודכן לאחרונה: לפני 30+ ימים
Senior UI / UX Designers
MLabs • IL
Quick Apply
עודכן לאחרונה: לפני ימים 2
Blockchain Architect - Middle East
ChainGPT • IL
Quick Apply
עודכן לאחרונה: לפני 30+ ימים
Senior / Lead Fullstack Engineer
MLabs • IL
Quick Apply
עודכן לאחרונה: לפני ימים 2
Senior L2 Engineers
MLabs • IL
Quick Apply
עודכן לאחרונה: לפני ימים 2
Senior / Lead Frontend Engineer
MLabs • IL
Quick Apply
עודכן לאחרונה: לפני ימים 2
Senior Desktop Engineer
Sur • IL
Quick Apply
עודכן לאחרונה: לפני 30+ ימים
Security Architect - Middle East
ChainGPT • IL
Quick Apply
עודכן לאחרונה: לפני 30+ ימים
BDM (Software Sales) - Israel
Azeus Convene • IL
Quick Apply
עודכן לאחרונה: לפני 30+ ימים
Field Application Engineer (Machine Learning)
quadric, Inc • IL
Quick Apply
עודכן לאחרונה: לפני 30+ ימים
Senior Frontend Engineer (Web3)
MLabs • IL
Quick Apply
עודכן לאחרונה: לפני ימים 2
Senior / Lead Android Engineer
MLabs • IL
Quick Apply
עודכן לאחרונה: לפני ימים 2
Senior / Lead Java Engineer
MLabs • IL
Quick Apply
עודכן לאחרונה: לפני ימים 3
Senior / Lead QA Automation Engineer
MLabs • IL
Quick Apply
עודכן לאחרונה: לפני ימים 2
Ecosystem Growth Manager (AI & DePIN) - Middle East
ChainGPT • IL
Quick Apply
עודכן לאחרונה: לפני 30+ ימים
Online Dutch-speaking Polish Language Teacher
Global LT • IL
Quick Apply
עודכן לאחרונה: לפני ימים 25
Dev Ops Engineer
GXA • IL
Quick Apply
עודכן לאחרונה: לפני 30+ ימים
Senior Protocol Engineer
MLabs • IL
Quick Apply
עודכן לאחרונה: לפני ימים 2