Key skills
KubernetesOpenShiftPythonGolangCompliance ScanningGitSecurity TechniquesAsynchronous CommunicationProject ManagementRemote Team ExperienceSelf-starterAIGitOpsJiraCommunication
About this role
Red Hat is the world’s leading provider of enterprise open source software solutions, using a community-powered approach to deliver high-performing Linux, cloud, container, and Kubernetes technologies. The Senior Software Engineer will join the OpenShift Infrastructure and Security Compliance team to develop tooling for regulatory compliance and enhance OpenShift's security posture.
Responsibilities:
- Develop tooling to generate and automate regulatory benchmark guidance
- AI driven tooling (MCP servers/toolsets) that integrates with IDEs (Claude Code/Cursor)
- Understanding Compliance Operator resources, like CustomRules and Profiles
- Implementing checks using multiple scanning technologies, like OpenSCAP and CEL expressions
- Developing and maintaining operators that improve OpenShift security posture
- Contribute to industry benchmark regulatory bodies where applicable (CIS)
Requirements:
- Minimum 5 years experience
- Understanding of Kubernetes and OpenShift
- Have an understanding of security and hardening techniques for container management (e.g., Security Context Constraints, Validation Admission Policies, RBAC)
- Machine Configs, SCCs
- RHCOS (operating systems optimized for running containers)
- Concept of operators within the Kubernetes ecosystem, and how they function
- OLM (Red Hat's package manager for operators)
- Programming proficiency
- Fluent in git
- Experience with python, maintaining python systems
- Experience developing and maintaining projects in Golang
- Project management experience and tracking with task tracking tools (e.g., Jira) - ideally comfortable giving updates on a particular project over the course of several months
- Compliance Scanning workflows with various tools
- Remediate
- Rescan
- Repeat
- Familiarity with specific regulatory bodies and their benchmarks (CIS, PCI, DISA, NIST, etc.)
- People skills
- Affinity for asynchronous communication
- Experience working on distributed, remote teams
- Self-starter
- Familiar with Cursor and/or Claude Code - since we're looking to lean heavily on AI tools to help with the profiles
- GitOps-based workflows
- Tekton pipelines