Kubernetes Administrator

ROLE & RESPONSIBILITIES:

We are hiring a Senior DevSecOps / Security Engineer with 8+ years of experience securing AWS cloud, on-prem infrastructure, DevOps platforms, MLOps environments, CI/CD pipelines, container orchestration, and data/ML platforms. This role is responsible for creating and maintaining a unified security posture across all systems used by DevOps and MLOps teams — including AWS, Kubernetes, EMR, MWAA, Spark, Docker, GitOps, observability tools, and network infrastructure.

KEY RESPONSIBILITIES:

1.     Cloud Security (AWS)-

• Secure all AWS resources consumed by DevOps/MLOps/Data Science: EC2, EKS, ECS, EMR, MWAA, S3, RDS, Redshift, Lambda, CloudFront, Glue, Athena, Kinesis, Transit Gateway, VPC Peering.
• Implement IAM least privilege, SCPs, KMS, Secrets Manager, SSO & identity governance.
• Configure AWS-native security: WAF, Shield, GuardDuty, Inspector, Macie, CloudTrail, Config, Security Hub.
• Harden VPC architecture, subnets, routing, SG/NACLs, multi-account environments.
• Ensure encryption of data at rest/in transit across all cloud services.

2.     DevOps Security (IaC, CI/CD, Kubernetes, Linux)-

Infrastructure as Code & Automation Security:

• Secure Terraform, CloudFormation, Ansible with policy-as-code (OPA, Checkov, tfsec).
• Enforce misconfiguration scanning and automated remediation.

CI/CD Security:

• Secure Jenkins, GitHub, GitLab pipelines with SAST, DAST, SCA, secrets scanning, image scanning.
• Implement secure build, artifact signing, and deployment workflows.

Containers & Kubernetes:

• Harden Docker images, private registries, runtime policies.
• Enforce EKS security: RBAC, IRSA, PSP/PSS, network policies, runtime monitoring.
• Apply CIS Benchmarks for Kubernetes and Linux.

Monitoring & Reliability:

• Secure observability stack: Grafana, CloudWatch, logging, alerting, anomaly detection.
• Ensure audit logging across cloud/platform layers.

3.     MLOps Security (Airflow, EMR, Spark, Data Platforms, ML Pipelines)-

Pipeline & Workflow Security:

• Secure Airflow/MWAA connections, secrets, DAGs, execution environments.
• Harden EMR, Spark jobs, Glue jobs, IAM roles, S3 buckets, encryption, and access policies.

ML Platform Security:

• Secure Jupyter/JupyterHub environments, containerized ML workspaces, and experiment tracking systems.
• Control model access, artifact protection, model registry security, and ML metadata integrity.

Data Security:

• Secure ETL/ML data flows across S3, Redshift, RDS, Glue, Kinesis.
• Enforce data versioning security, lineage tracking, PII protection, and access governance.

ML Observability:

• Implement drift detection (data drift/model drift), feature monitoring, audit logging.
• Integrate ML monitoring with Grafana/Prometheus/CloudWatch.

4.     Network & Endpoint Security-

• Manage firewall policies, VPN, IDS/IPS, endpoint protection, secure LAN/WAN, Zero Trust principles.
• Conduct vulnerability assessments, penetration test coordination, and network segmentation.
• Secure remote workforce connectivity and internal office networks.

5.     Threat Detection, Incident Response & Compliance-

• Centralize log management (CloudWatch, OpenSearch/ELK, SIEM).
• Build security alerts, automated threat detection, and incident workflows.
• Lead incident containment, forensics, RCA, and remediation.
• Ensure compliance with ISO 27001, SOC 2, GDPR, HIPAA (as applicable).
• Maintain security policies, procedures, RRPs (Runbooks), and audits.

IDEAL CANDIDATE:

• 8+ years in DevSecOps, Cloud Security, Platform Security, or equivalent.
• Proven ability securing AWS cloud ecosystems (IAM, EKS, EMR, MWAA, VPC, WAF, GuardDuty, KMS, Inspector, Macie).
• Strong hands-on experience with Docker, Kubernetes (EKS), CI/CD tools, and Infrastructure-as-Code.
• Experience securing ML platforms, data pipelines, and MLOps systems (Airflow/MWAA, Spark/EMR).
• Strong Linux security (CIS hardening, auditing, intrusion detection).
• Proficiency in Python, Bash, and automation/scripting.
• Excellent knowledge of SIEM, observability, threat detection, monitoring systems.
• Understanding of microservices, API security, serverless security.
• Strong understanding of vulnerability management, penetration testing practices, and remediation plans.

EDUCATION:

• Master’s degree in Cybersecurity, Computer Science, Information Technology, or related field.
• Relevant certifications (AWS Security Specialty, CISSP, CEH, CKA/CKS) are a plus.

PERKS, BENEFITS AND WORK CULTURE:

• Competitive Salary Package
• Generous Leave Policy
• Flexible Working Hours
• Performance-Based Bonuses
• Health Care Benefits

Cloud Software Engineer

Notice Period: 45 days / Immediate Joining

Banyan Data Services (BDS) is a US-based Infrastructure services Company, headquartered in San Jose, California, USA. It provides full-stack managed services to support business applications and data infrastructure.  We do provide the data solutions and services on bare metal, On-prem, and all Cloud platforms.  Our engagement service is built on the DevOps standard practice and SRE model.

We offer you an opportunity to join our rocket ship startup, run by a world-class executive team. We are looking for candidates that aspire to be a part of the cutting-edge solutions and services we offer, that address next-gen data evolution challenges. Candidates who are willing to use their experience in areas directly related to Infrastructure Services, Software as Service, and Cloud Services and create a niche in the market.

Roles and Responsibilities

· A wide variety of engineering projects including data visualization, web services, data engineering, web-portals, SDKs, and integrations in numerous languages, frameworks, and clouds platforms

· Apply continuous delivery practices to deliver high-quality software and value as early as possible.

· Work in collaborative teams to build new experiences

· Participate in the entire cycle of software consulting and delivery from ideation to deployment

· Integrating multiple software products across cloud and hybrid environments

· Developing processes and procedures for software applications migration to the cloud, as well as managed services in the cloud

· Migrating existing on-premises software applications to cloud leveraging a structured method and best practices

Desired Candidate Profile : *** freshers can also apply ***

· 2+years of experience with 1 or more development languages such as Java, Python, or Spark.

· 1 year + of experience with private/public/hybrid cloud model design, implementation, orchestration, and support.

· Certification or any training's completion of any one of the cloud environments like AWS, GCP, Azure, Oracle Cloud, and Digital Ocean.

· Strong problem-solvers who are comfortable in unfamiliar situations, and can view challenges through multiple perspectives

· Driven to develop technical skills for oneself and team-mates

· Hands-on experience with cloud computing and/or traditional enterprise datacentre technologies, i.e., network, compute, storage, and virtualization.

· Possess at least one cloud-related certification from AWS, Azure, or equivalent

· Ability to write high-quality, well-tested code and comfort with Object-Oriented or functional programming patterns

· Past experience quickly learning new languages and frameworks

· Ability to work with a high degree of autonomy and self-direction

http://www.banyandata.com" target="_blank">www.banyandata.com