Job Board
LogoLogo
Application Tracker
Get Daily Notifications
New

Get Jobs Tailored to Your Resume

Filtr uses AI to scan 1000+ jobs and finds postings that perfectly matches your resume

Google Logo

Senior Penetration Tester - Kubernetes

Google

$166,000 - $244,000
Sep 17, 2025
VA, US • Reston, VA, USA • MD, US
Apply Now

Google Public Sector is looking to improve the security posture of its AI environments and cloud-native ecosystems by identifying and exploiting vulnerabilities in containerized applications and cloud infrastructure.

Requirements

  • Experience with security assessments, design reviews, or threat modeling for containerized applications.
  • Certifications in Certified Kubernetes Security Specialist (CKS), Offensive Security Certified Professional (OSCP), GIAC Cloud Penetration Tester (GCPN), or GIAC Web Application Tester (GWAPT).
  • Experience with securing cloud-native CI/CD pipelines.
  • Experience with container security tools such as Falco, Trivy, Twistlock, Kube-Hunter, Burp Suite, and Nmap.
  • Experience in scripting languages such as Python, Go, or Bash.
  • Understanding of the control plane (API server, etc.), worker nodes (kubelet, container runtime), pod security, networking (CNI), and IAM/RBAC mechanisms.

Responsibilities

  • Perform black box, grey box, and white box penetration tests against Kubernetes clusters, containerized applications, and the underlying cloud infrastructure.
  • Simulate realistic attack scenarios, target containerized and cloud environments, including initial access, exploitation, lateral movement across various environments.
  • Identify and exploit vulnerabilities in containerized components, including escape techniques, privilege escalation, runtime vulnerabilities, and insecure configurations in the control plane or network policies.
  • Automate tasks, analyze data, and develop exploits specifically for cloud-native and containerized targets.
  • Share knowledge and findings with defensive teams to improve their detection and response capabilities within containerized and cloud environments.
  • Understand and apply purple team methodology for hardening of networks.
  • Work with software engineers to proactively identify and fix security flaws and vulnerabilities.

Other

  • 5 years of experience in security engineering, with a focus on container security.
  • Ability to travel up to 25% of the time in order to engage with customers.
  • Active US Government Top Secret/Sensitive Compartmentalized Information (TS/SCI) security clearance.
  • Ability to contribute to the security community (e.g., open-source projects, public research, conference presentations) related to containerization.