Security Engineer - Containers/EKS

What We'll Bring:At TransUnion, we have a welcoming and energetic environment that encourages collaboration and innovation we're - consistently exploring new technologies and tools to be agile. This environment gives our people the opportunity to hone current skills and build new capabilities, while discovering their genius.

• Must have prior experience implementing Sysdig or other container security technology within an enterprise EKS environment
• Ensure comprehensive EKS/Kubernetes and container security, infrastructure, and workload monitoring
• Establish an automated container test framework to test configured EKS/Kubernetes security monitoring
• Implement container image scanning capabilities as part of a CI/CD pipeline and against container images stored in a registry
• Support a "security first" EKS architecture that enables incident responders to identify container vulnerabilities, malicious activity, and achieve incident investigation resolution
• Tune alerts within Sysdig to establish a high efficacy alert profile for the SOC and IR teams
• Perform quarterly demos to educate the Cybersecurity organization on capabilities and developments in respect to container security and EKS architecture
• Ensure EKS reference architecture is compliant with NIST 800-53, PCI DSS, etc.

• Using Falco rules, develop and tune Sysdig policies
• Implement and support Kubernetes admission controller policies

• Define security requirements for the corporate EKS/Kubernetes reference architecture that incorporates best practices for security, performance, and cost optimization
• Ensure security-based EKS configuration standard is published to the corporate container standard
• Create a logging standard to ensure all applicable EKS and container logs and subsequent alerting are sent to and configured within the enterprise SIEM platform
• Validate EKS IAM policy and logging standard complies with AWS authentication and authorization best practices