Company description
Tremend is the newest global software engineering hub for Publicis Sapient. For over 20 years, the company has been infusing its advanced technical expertise into complex and innovative solutions that meet today's digital transformation needs and pave the way for a better and smarter future. By joining forces with Publicis Sapient we're accelerating the impact, providing a good mix of talented engineers, technology, continuous improvement, innovation, and R&D. Here, you'll have the opportunity to unleash your potential, powering up advanced software solutions for some of the world's most iconic brands. Embrace your passion for technology, creativity, and continuous improvement, and join us in making a difference through engineering.
Overview
The Security Engineer owns the engineering, administration, and tuning of the organization's security ecosystem. This includes EDR, CSPM, vulnerability management, Kubernetes security controls, and developing the policies and procedures used by the 24×7 operations team. This role ensures strong preventive controls, high-quality detections, and technical governance across all application nodes, databases, and Kubernetes clusters.
Responsibilities:
Kubernetes & Container Security
Design, implement, and maintain Kubernetes security controls across clusters.
Manage security posture for:
Kubernetes API Server policies
RBAC permissions and least-privilege configurations
Network policies (ingress/egress restrictions)
Pod Security Standards (PSS) or admission controller rules
Configure and maintain:
Kubernetes audit logging
Cluster-level and node-level log forwarding to SIEM
Runtime security tools (e.g., Falco, Prisma, Aqua, Sysdig, Trivy)
Implement and tune detections for:
Misconfigured pods and privileged containers
Suspicious exec activity
Access anomalies to kube-api
Lateral movement inside the cluster
Support DevOps teams in secure image pipelines, including:
Image scanning (SCA, SAST, container scanning)
Supply-chain security controls
Hardening base images and enforcing security baselines
Lead incident response for escalated Kubernetes security issues.
Develop runbooks specifically for incidents involving clusters, pods, or container runtimes.
EDR, CSPM & Vulnerability Management
Administer and tune endpoint and workload EDR across Linux/Windows application nodes and Kubernetes worker nodes.
Manage CSPM tooling across cloud and Kubernetes environments, ensuring compliance with CIS benchmarks.
Own the vulnerability management lifecycle:
Scanning nodes, packages, images
Prioritization
Coordinating remediation with Infra/SRE teams
Enhance SIEM detections, correlation rules, and automation playbooks.
Policies, Procedures & SOC Support
Build and refine SOPs, policies, and runbooks for the 24×7 SOC team.
Implement automation for security processes (Python, Bash, PowerShell, IaC).
Conduct threat modeling for Kubernetes deployments and new applications.
Provide Tier 2-3 support, mentoring SOC analysts and improving overall detection maturity.
Qualifications:
Required
4-6+ years in security engineering, cloud security, or SOC engineering.
Strong hands-on experience with Kubernetes internals and security.
Practical knowledge of:
EKS, AKS, GKE, or on-prem Kubernetes
Helm, manifests, CRDs, admission controllers
Container runtimes (containerd, CRI-O)
Experience with:
EDR platforms
CSPM tools
Vulnerability management tools
SIEM rule creation and alert tuning
Strong scripting/automation capabilities (Python, Bash, PowerShell).
Understanding of Linux OS internals and cloud-native security best practices.
Preferred
Certifications: CISSP, CISM, GIAC (GCIA/GCIH/GCED), CKS, CKAD, KCNA, AZ-500.
Experience with CI/CD security and DevSecOps pipelines.
Additional information
Besides an exciting job in a tremendous team, here's what you can expect:
A fast-paced tech environment
Continuous growth & learning
Open feedback culture
Room for own initiative & ideas
Transparency about results & strategy
Recognition & reward for hard work
Working with a flexible schedule
Medical subscription
Meal tickets
Extra vacation days - starting with 25 vacation days
Many others perks
