Job Description
- Lead the architecture and design of secure Kubernetes platforms (EKS, GKE and hybrid environments - Openshift) across public and private cloud, ensuring scalability, resilience, and compliance.
- Define and implement secure-by-default Kubernetes patterns, including RBAC, network segmentation, workload identity, secrets management, and policy-as-code (OPA/Gatekeeper).
- Develop and standardize Kubernetes security reference architectures, blueprints, and reusable modules aligned with enterprise architecture and governance standards.
- Lead proof-of-concept initiatives to assess emerging Kubernetes and container security solutions, translating findings into scalable enterprise capabilities.
- Drive risk assessment and remediation strategies by evaluating Kubernetes and cloud security posture against CIS benchmarks, Cloud Control Matrix, and enterprise policies.
- Contribute to and enhance platform automation, leveraging Infrastructure-as-Code and policy-as-code to enforce consistent security controls at scale.
- Act as a technical SME and advisor, supporting application teams in designing and deploying secure containerized workloads.
- Partner with Engineering, Cloud Platform, and InfoSec teams to embed security into Kubernetes platforms and developer workflows, enabling secure and frictionless adoption.
Responsibilities
- 5+ years of experience in cloud engineering and security, with hands-on expertise across AWS, GCP and Kubernetes-based platforms.
- Strong experience securing Kubernetes/EKS environments, including:
- RBAC and workload identity
- Network policies and segmentation
- Pod security standards
- Policy-as-code (OPA/Gatekeeper)
- Experience with container and runtime security, including vulnerability management, image scanning, and workload protection.
- Deep understanding of cloud-native architecture, including containers, microservices, serverless, and multi-cloud design patterns.
- Familiarity with security frameworks and standards such as CIS Benchmarks, Cloud Control Matrix (CCM), and Kubernetes security best practices.
- Experience integrating security into CI/CD pipelines and DevSecOps workflows.
- Strong knowledge of networking and cloud security fundamentals, including VPC design, segmentation, and secure communication patterns.
- Experience working in Agile environments, collaborating across engineering, platform, and security teams.
- Strong problem-solving skills with the ability to design and deliver scalable, secure solutions in complex environments.
- Experience with service mesh, zero trust arch and GitOps
Qualifications
- Bachelor's degree in computer science, computer engineering, or related field; or equivalent experience.
- Kubernetes certifications (e.g., CKA, CKAD, CKS) or equivalent hands-on experience.
- Relevant certifications (e.g., CCSP, CISSP, AWS Security Specialty, GCP Security Specialty)
About Us
At Zensar, we're
experience-led everything. We are committed to conceptualizing, designing, engineering, marketing, and managing digital solutions and experiences for over 130 leading enterprises. We are a company driven by a bold purpose:
Together, we shape experiences for better futures. Whether for our clients, our people, or the world around us, this belief powers everything we do. At the heart of our culture is
ONE with Client - a set of four core values that reflect who we are and how we work:
One Zensar, Nurturing, Empowering, and Client Focus.
Part of the $4.8 billion RPG Group, we're a community of 10,000+ innovators across 30+ global locations, including Milpitas, Seattle, Princeton, Cape Town, London, Zurich, Singapore, and Mexico City. Explore Life at Zensar and join us to Grow. Own. Achieve. Learn. to be the best version of yourself.
We believe the best work happens when individuality is celebrated, growth is encouraged, and well-being is prioritized. We are an equal employment opportunity (EEO) and affirmative action employer, committed to creating an inclusive workplace. All qualified applicants will be considered without regard to race, creed, color, ancestry, religion, sex, national origin, citizenship, age, sexual orientation, gender identity, disability, marital status, family medical leave status, or protected veteran status.
