Container Security Engineer
Duties and Responsibilities
- Lead hands-on container security efforts across AWS environments (ECS, EKS, and Serverless), including image scanning, runtime visibility, and risk remediation.
- Utilize Wiz to assess and remediate container, cloud configuration, and workload risks across build and runtime environments with risk-based prioritization.
- Drive implementation and maturity of container security controls, including coverage, enforcement, and operational monitoring.
- Assess vulnerabilities across container images, dependencies, and deployment pipelines, and drive remediation with engineering teams.
- Develop and implement strategies to secure cloud-native workloads with a focus on containers and serverless architectures across AWS, extending consistent security controls to other cloud platforms (Azure, GCP) where applicable.
- Partner with platform and engineering teams to ensure secure configurations, hardened base images, and consistent runtime protection.
- Identify and execute automation opportunities to improve container security processes and reduce manual effort.
- Leverage AI/ML-driven capabilities to enhance container and cloud threat detection, enable risk-based prioritization, and support automated remediation across build and runtime environments.
- Gather and report metrics to provide visibility into container security posture and program maturity.
- Provide guidance and training on secure container development, image hygiene, and deployment best practices.
- Maintain documentation for container security processes, tools, and standards.
Qualifications
- Undergraduate degree in a related field or equivalent experience.
- Strong hands-on experience securing containerized environments in AWS (ECS/EKS) and serverless workloads, with working knowledge of container platforms in other cloud providers (Azure AKS, GCP GKE).
- Experience with Wiz for container, cloud, and configuration risk visibility and remediation.
- Strong understanding of container lifecycle, image management, and runtime security concepts.
- Experience with CI/CD pipelines, cloud-native architectures, and deployment processes.
- Experience with application security tools (SAST, SCA, IAST, DAST) is a plus.
- Familiarity with industry frameworks such as NIST, OWASP, and MITRE.
- Relevant certifications in cloud, containers, or DevSecOps are a plus.
Special Factors
- Sponsorship: Vanguard is not offering visa sponsorship for this position.
About Vanguard
Vanguard is an equal opportunity employer. Vanguard is committed to providing all crew members a working environment that is free from discrimination, prejudice and bias. Through this Equal Employment Opportunity (EEO) Policy, Vanguard reaffirms its commitment to equal employment opportunity for all applicants and crew members without regard to race, color, national origin or ancestry, religion, gender, sex, sexual orientation, gender identity or expression, age, disability, marital status, veteran or military status. In addition, Vanguard prohibits discrimination based on genetic information, as well as any other characteristic protected by federal, state or local law.
Empowered to Learn, Grow, and Thrive
Read profiles of some of our employees who share their experiences and insights about working at Vanguard.