S3 logo

Information Security Engineer 4 – Kubernetes & Cloud Security (CNAPP / Wiz)

S3
8 days ago
Contract
On-site
Charlotte, North Carolina, United States

Job Description

Information Security Engineer 4 – Kubernetes & Cloud Security (CNAPP / Wiz)

Locations (Hybrid Onsite)

  • Charlotte, NC – 300 S. Brevard St.
  • Phoenix, AZ – Chandler Campus (2600 S. Price Rd.)
  • Dallas, TX – Las Colinas (401 Las Colinas Blvd W, Irving)

Contract Details

  • Duration: Through end of year (with extension/conversion potential)
  • Interview: 1 round (30 minutes, panel)
  • Work Model: Hybrid / onsite required
  • Start: ASAP

Role Summary

Seeking a senior Cloud Security Engineer with deep Kubernetes expertise to support enterprise cloud workload protection and vulnerability management initiatives. This role focuses on securing containerized workloads across multi-cloud environments while enabling enterprise adoption of a CNAPP platform (Wiz).

The engineer will act as a hands-on technical SME responsible for onboarding Kubernetes environments, implementing security controls, and automating security visibility and vulnerability management at scale.

Core Responsibilities

  • Deploy, configure, and operate Wiz CNAPP (CWPP focus) across enterprise environments
  • Onboard and secure cloud assets including:
    • AWS, Azure, and Google Cloud environments
    • Kubernetes clusters (AKS, EKS, GKE, OpenShift)
  • Implement and manage Wiz Sensor at scale:
    • Installation and lifecycle automation
    • Health checks and drift detection
    • Performance and coverage optimization
  • Enable container security capabilities:
    • Registry scanning (ACR, GCR, Artifactory)
    • Runtime vulnerability detection
    • Attack path and exposure analysis
  • Integrate Wiz with enterprise tooling:
    • CI/CD pipelines
    • DevSecOps workflows
    • Kubernetes deployment pipelines
  • Automate security workflows using Python scripting
  • Validate vulnerability findings and reduce false positives
  • Troubleshoot CNAPP/CSPM issues and escalations
  • Collaborate with DevSecOps, platform engineering, and cloud architecture teams
  • Support continuous improvement of cloud security posture
  • Contribute to engineering documentation and automation libraries

Required Skills

  • 5+ years Information Security Engineering experience
  • 4+ years Cloud Security or DevSecOps experience
  • 2+ years Azure and Google Cloud experience
  • Strong Kubernetes security expertise (primary requirement)
  • Hands-on experience with container security and Kubernetes workloads
  • Experience implementing or administering Wiz CNAPP
  • Strong knowledge of:
    • Cloud architecture (AWS, Azure, GCP)
    • Kubernetes networking, IAM, and workload security
    • Container security best practices
  • Advanced Python automation experience
  • Experience with CI/CD tools (GitHub Actions, Jenkins, GitLab CI, Azure DevOps)
  • Strong troubleshooting, analytical, and incident response skills
  • Ability to work in fast-paced enterprise environments
  • Strong communication and collaboration skills
  • Agile experience (Scrum or Kanban)

Preferred Skills

  • Integration of CNAPP platforms with SIEM/SOAR tools
  • Vulnerability management or application security background
  • Enterprise or regulated environment experience
  • Experience with incident/change management processes
  • Familiarity with security frameworks (CIS, NIST, CSA)
  • Certifications preferred:
    • CISSP, CISM, CISA, CRISC, CCSK
    • Kubernetes Security Certification (CKS)
  • Cloud certifications (Azure or Google Cloud)

Ideal Candidate

  • Kubernetes-first security engineer with deep cloud-native experience
  • Strong hands-on practitioner in CNAPP platforms (Wiz preferred)
  • Automation-driven (Python + CI/CD pipelines)
  • Comfortable operating in large-scale enterprise cloud environments
  • Able to bridge DevSecOps, platform engineering, and security teams
  • Strong communicator who can operate independently and at scale