Container Registry Engineer - Cloud DevSecOps

Container Registry Engineer - Cloud DevSecOps

Long-Term Contract (potential for perm conversion)

Fully Remote (EST work hours)

We are hiring for our Fortune 50 healthcare client to support their new cloud-based private container image registry. This role focuses on driving adoption of the registry and tracking its impact on security through reporting, which is critical for cloud and containerized workloads.

You will work with Development, Security, and Operations teams to increase registry adoption, ensure teams use secure container images, and analyze vulnerability trends as adoption grows. You will be responsible for reporting on vulnerability remediation efforts, providing insights into security improvements, and ensuring compliance with best practices. As the primary point of contact for the platform, you will monitor adoption progress and demonstrate how increased usage enhances security.

Responsibilities

Driving Adoption and Communication:
• Lead initiatives to promote and drive adoption of the new cloud-based private container image registry within the organization, ensuring DevOps and Development teams successfully transition from Azure (AKS) to GCP (GKE).
• Develop targeted outreach campaigns, including notifications on image updates and security patches, while ensuring seamless integration into DevSecOps workflows and CI/CD pipelines.
• Serve as the Subject Matter Expert (SME) for the platform, educating teams on best practices, the value of the registry, and the importance of using secure, compliant images to reduce security risks.

Container Image Management:
• Manage the lifecycle of container images in the private registry, ensuring they remain secure and efficient.
• Communicate with Dev teams to ensure proper tagging, labeling, and documentation of container images.
• Work with Development, Security, and Operations teams to identify vulnerabilities in container images, track remediation efforts, and ensure secure, compliant images are consistently delivered for cloud-based workloads.

Governance, Compliance, and Policy Enforcement:
• Work with the Automation team to establish governance policies for image publishing, access control, and permissions to ensure secure image distribution.
• Partner with Automation and Security teams to enforce Dev image pulls exclusively from the Private Container Registry, reducing vulnerabilities across the enterprise.

Data Analysis and Reporting:
• Utilize Prisma Cloud to generate security reports and scan container images.
• Build and maintain Power BI dashboards to visualize key metrics, including vulnerability trends, registry adoption rates, security posture over time, and cost performance.
• Provide actionable reports to stakeholders on the security and performance of container images, driving improvements and cost optimization.

Qualifications
• Experience managing and reporting on container image lifecycles, including tracking vulnerabilities, managing remediation efforts, and driving user adoption of a private container registry.
• Familiarity with CVE (Common Vulnerabilities and Exposures) for identifying and addressing security vulnerabilities; experience with CVIT (Container Vulnerability Item Tracking) in ServiceNow is a plus.
• Experience with Prisma Cloud or other container security scanning tools for vulnerability management and compliance monitoring.
• Understanding of how to integrate private container registries with CI/CD pipelines and DevSecOps tools.
• Experience working in environments utilizing container orchestration platforms like Kubernetes (GKE, AKS, EKS) within cloud service platforms (GCP, Azure, AWS).
• Familiarity with tools like Artifactory or other artifact repositories for managing and securing container images.
• Proficiency in PowerShell and Python for automation, workflow orchestration, and querying security data.
• Skilled in Power BI for building dashboards and visualizations, as well as Excel for reporting and cost analysis.