Security & DR Automation Eng

Senior Infrastructure Security & Compliance Engineer (Zero-Touch GPU Cloud – GitOps-Driven Compliance & Resilience)

We are seeking a

Senior Infrastructure Security & Compliance Engineer

with 10+ years of experience in infrastructure and platform automation to drive the

Zero-Touch Build, Upgrade, and Certification pipeline

for our on-prem GPU cloud environment. This role is focused on integrating

security scanning, policy enforcement, compliance validation, and backup automation

into a fully GitOps-managed GPU cloud stack, spanning hardware → OS → Kubernetes → platform layers.

Key Responsibilities

Design and implement

GitOps-native workflows

to automate

security, compliance, and backup validation

as part of the GPU cloud lifecycle.

Integrate

Trivy

into CI / CD pipelines for container and system image vulnerability scanning.

Automate

kube-bench

execution and remediation workflows to enforce Kubernetes security benchmarks (CIS / STIG).

Define and enforce

policy-as-code

using

OPA / Gatekeeper

to validate cluster and workload configurations.

Deploy and manage

Velero

to automate backup and disaster recovery operations for Kubernetes workloads.

Ensure that all compliance, scanning, and backup logic is

declarative and auditable

through Git-backed repositories.

Collaborate with infrastructure, platform, and security teams to define security baselines, enforce drift detection, and integrate automated guardrails.

Drive remediation automation and post-validation gates across build, upgrade, and certification pipelines.

Monitor evolving security threats and ensure tooling is regularly updated to detect vulnerabilities, misconfigurations, and compliance drift.

Required Skills & Experience

10+ years of hands-on experience

in infrastructure, platform automation, and systems security.

Primary key skills

required are Python / Go / Bash scripting, OPA Rego policy writing, CI integration for Trivy & kube-bench, GitOps

Strong knowledge and practical experience with :

Trivy

for container, filesystem, and configuration scanning

kube-bench

for Kubernetes CIS benchmark compliance

Velero

for Kubernetes-native backup and disaster recovery

OPA / Gatekeeper

for policy-as-code and admission control

Deep understanding of GitOps workflows (e.g., Argo CD, Flux) and how to integrate security tools declaratively.

Proven experience automating security, compliance, and backup validation in CI / CD pipelines.

Solid foundation in Kubernetes internals, RBAC, pod security, and multi-tenant best practices.

Familiarity with vulnerability management lifecycles and security risk remediation strategies.

Experience with Linux systems administration, OS hardening, and secure bootstrapping.

Proficiency in scripting languages such as Python, Go, or Bash for automation and tooling integration.

Bonus :

Experience with SBOMs, image signing, or container supply chain security

Exposure to regulated environments (e.g., PCI-DSS, HIPAA, FedRAMP)

Contributions to open-source security / compliance projects