Axos Business Center, Corp

About This Job

Axos is building an AI-native security organization that moves at the speed of the business. Our Kubernetes footprint is expanding to support rapid innovation, continuous deployment, and faster time to market across every line of business. We are looking for a

Kubernetes Security & AI Automation Engineer who will own the security posture of our container and orchestration infrastructure while pioneering AI-driven automation to detect, investigate, and remediate threats at machine speed.

This is not a compliance checkbox role. You will build things: policy-as-code pipelines, AI-powered detection logic, and automated response workflows that keep Kubernetes clusters hardened without slowing engineering velocity.

Responsibilities

Kubernetes & Container Security

• Design, implement, and maintain security controls across Kubernetes clusters (EKS, AKS, or GKE), including network policies, RBAC, admission controllers, pod security standards, and secrets management.
• Build and enforce policy-as-code guardrails that prevent misconfigurations from reaching production without creating developer friction.
• Manage runtime security tooling (Falco, Isovalent, or equivalent) to detect anomalous container behavior, lateral movement, and privilege escalation in real time.

AI-Driven Security Automation

• Build AI/LLM-powered automation pipelines that triage, investigate, and enrich Kubernetes security alerts, reducing mean time to respond and analyst toil.
• Develop prompt-engineered investigation workflows that correlate container telemetry (audit logs, Isovalent alerts, network flows) with broader SIEM data to produce analyst-ready investigation reports.
• Create automated remediation playbooks that can quarantine pods, revoke credentials, or roll back deployments in response to confirmed threats, with appropriate human-in-the-loop controls.
• Continuously tune detection logic and AI investigation prompts based on false-positive analysis, emerging threat patterns, and feedback from SOC analysts.
• Evaluate and integrate AI/ML-based anomaly detection for container workloads, API traffic, and cluster resource behavior.

Security Engineering & Operations

• Instrument Kubernetes environments for comprehensive security observability: audit logs, runtime telemetry, and network flow data piped into Splunk or equivalent SIEM.
• Partner with platform engineering and application teams to embed security into deployment pipelines without becoming a bottleneck.
• Serve as the subject-matter expert on Kubernetes threat modeling, advising teams on attack surfaces unique to containerized and orchestrated environments.
• Maintain runbooks, architecture diagrams, and operational documentation that enable the broader security team to support container security operations.
• Track the Kubernetes security landscape (CVEs, CIS benchmarks, CNCF projects) and translate emerging risks into actionable hardening initiatives.

Qualifications

Required

• 5+ years in security engineering, DevSecOps, or infrastructure security with meaningful hands-on Kubernetes experience in production.

• Deep, practical knowledge of Kubernetes internals: API server, etcd, kubelet, networking (CNI), storage, and the admission control chain.
• Demonstrated experience building security automation with Python (strongly preferred), Bash, or Go.
• Hands-on experience with at least two of: OPA/Gatekeeper, Kyverno, Falco, Trivy, Cosign, KubeArmor, or Aqua.
• Strong working knowledge of cloud platforms (AWS EKS, Azure AKS, or GCP GKE) and associated IAM, networking, and security services.
• Experience integrating container security telemetry into SIEM platforms (Splunk preferred) for alerting and investigation.
• Solid understanding of CI/CD pipelines (GitHub Actions, GitLab CI, or similar) and how to embed security gates without breaking developer flow.

Preferred

• Experience building or integrating LLM/AI-driven workflows for security operations (alert triage, investigation enrichment, automated remediation).
• Familiarity with prompt engineering, LLM orchestration frameworks (LangChain, Kindo, or similar), and vector databases for security use cases.
• CKS (Certified Kubernetes Security Specialist) or CKA certification.

Why This Role

• You will build, not just govern. This team ships security tooling and automation, not slide decks.

• AI-first security organization: our autonomous SOC pipeline is live and you will extend it into the Kubernetes domain.
• Direct impact at a federally chartered digital bank where security decisions are consequential and visible to leadership.
• Work alongside senior practitioners who value intellectual honesty, hands-on craft, and enforceable security over compliance theater.

About Axos

Born digital-first, Axos delivers financial tools and services that allow individuals, small businesses, and companies to access and manage their money how, when, and where they want. We’re a diverse team of dynamic, insightful, and independent innovators who are excited to provide technology-driven solutions that offer unbeatable value to our customers.

Axos Financial is our holding company and is publicly traded on the New York Stock Exchange under the symbol "AX" (NYSE: AX).

Learn More about working at Axos Business Center

Pre-Employment Background Check, Medical, and Drug Test:

All offers are contingent upon the candidate successfully passing a credit check, criminal background check, and pre-employment medical and drug screening. 

Equal Employment Opportunity:

Axos is an Equal Opportunity employer. We are committed to providing equal employment opportunities to all employees and applicants without regard to race, religious creed, color, sex (including pregnancy, breast feeding and related medical conditions), gender, gender identity, gender expression, sexual orientation, national origin, ancestry, citizenship status, military and veteran status, marital status, age, protected medical condition, genetic information, physical disability, mental disability, or any other protected status in accordance with all applicable federal, state, and local laws.

Job Functions and Work Environment:

While performing the duties of this position, the employee is required to sit for extended periods of time. Manual dexterity and coordination are required while operating standard office equipment such as computer keyboard and mouse, calculator, telephone, copiers, etc.

The work environment characteristics described here are representative of those an employee may encounter while performing the essential functions of this position. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions of this position.