Senior Infrastructure Security & Compliance Engineer

Job :

Senior Infrastructure Security & Compliance Engineer (Zero-Touch GPU Cloud GitOps-Driven Compliance & Resilience)

Senior Infrastructure Security & Compliance Engineer

Key Responsibilities

• Design and implement

  GitOps-native workflows

  to automate

  security, compliance, and backup validation

  as part of the GPU cloud lifecycle.
• Integrate

  Trivy

  into CI/CD pipelines for container and system image vulnerability scanning.
• Automate

  kube-bench

  execution and remediation workflows to enforce Kubernetes security benchmarks (CIS/STIG).
• Define and enforce

  policy-as-code

  using

  OPA/Gatekeeper

  to validate cluster and workload configurations.
• Deploy and manage

  Velero

  to automate backup and disaster recovery operations for Kubernetes workloads.
• Ensure that all compliance, scanning, and backup logic is

  declarative and auditable

  through Git-backed repositories.
• Collaborate with infrastructure, platform, and security teams to define security baselines, enforce drift detection, and integrate automated guardrails.
• Drive remediation automation and post-validation gates across build, upgrade, and certification pipelines.
• Monitor evolving security threats and ensure tooling is regularly updated to detect vulnerabilities, misconfigurations, and compliance drift.

Required Skills & Experience

• 10+ years of hands-on experience

  in infrastructure, platform automation, and systems security.

• Primary key skills

  required are Python/Go/Bash scripting, OPA Rego policy writing, CI integration for Trivy & kube-bench, GitOps
• Strong knowledge and practical experience with:

• Trivy

  for container, filesystem, and configuration scanning

• kube-bench

  for Kubernetes CIS benchmark compliance

• Velero

  for Kubernetes-native backup and disaster recovery

• OPA/Gatekeeper

  for policy-as-code and admission control
• Deep understanding of GitOps workflows (e.g., Argo CD, Flux) and how to integrate security tools declaratively.
• Proven experience automating security, compliance, and backup validation in CI/CD pipelines.
• Solid foundation in Kubernetes internals, RBAC, pod security, and multi-tenant best practices.
• Familiarity with vulnerability management lifecycles and security risk remediation strategies.
• Experience with Linux systems administration, OS hardening, and secure bootstrapping.
• Proficiency in scripting languages such as Python, Go, or Bash for automation and tooling integration.
• Bonus:
• Experience with SBOMs, image signing, or container supply chain security
• Exposure to regulated environments (e.g., PCI-DSS, HIPAA, FedRAMP)
• Contributions to open-source security/compliance projects