Container Security Engineer

The Vanguard Group•Charlotte, PA

3d•Hybrid

About The Position

Vanguard is seeking a Container Security Engineer to lead hands-on container security efforts across AWS environments (ECS, EKS, and Serverless). This role involves utilizing Wiz for risk assessment and remediation, driving the implementation and maturity of container security controls, and assessing vulnerabilities across container images and deployment pipelines. The engineer will develop and implement strategies to secure cloud-native workloads, partner with engineering teams for secure configurations, and identify automation opportunities. Additionally, the role will leverage AI/ML for enhanced threat detection and remediation, gather metrics on security posture, provide guidance on secure development practices, and maintain documentation.

Requirements

Undergraduate degree in a related field or equivalent experience.
Strong hands-on experience securing containerized environments in AWS (ECS/EKS) and serverless workloads, with working knowledge of container platforms in other cloud providers (Azure AKS, GCP GKE)
Experience with Wiz for container, cloud, and configuration risk visibility and remediation.
Strong understanding of container lifecycle, image management, and runtime security concepts.
Experience with CI/CD pipelines, cloud-native architectures, and deployment processes.
Familiarity with industry frameworks such as NIST, OWASP, and MITRE.

Nice To Haves

Experience with application security tools (SAST, SCA, IAST, DAST) is a plus.
Relevant certifications in cloud, containers, or DevSecOps are a plus.

Responsibilities

Lead hands-on container security efforts across AWS environments (ECS, EKS, and Serverless), including image scanning, runtime visibility, and risk remediation.
Utilize Wiz to assess and remediate container, cloud configuration, and workload risks across build and runtime environments with risk-based prioritization.
Drive implementation and maturity of container security controls, including coverage, enforcement, and operational monitoring.
Assess vulnerabilities across container images, dependencies, and deployment pipelines, and drive remediation with engineering teams.
Develop and implement strategies to secure cloud-native workloads with a focus on containers and serverless architectures across AWS, extending consistent security controls to other cloud platforms (Azure, GCP) where applicable.
Partner with platform and engineering teams to ensure secure configurations, hardened base images, and consistent runtime protection.
Identify and execute automation opportunities to improve container security processes and reduce manual effort.
Leverage AI/ML-driven capabilities to enhance container and cloud threat detection, enable risk-based prioritization, and support automated remediation across build and runtime environments.
Gather and report metrics to provide visibility into container security posture and program maturity.
Provide guidance and training on secure container development, image hygiene, and deployment best practices.
Maintain documentation for container security processes, tools, and standards.