@tallclair
Created September 28, 2018 21:19
Software Engineering Position: Google Kubernetes Engine - Node Security

Full-time
Based in Sunnyvale, CA

Mission

To secure critical node infrastructure in Kubernetes, the open source platform that is taking the cloud by storm ;D

The Kubernetes Node includes the VM instance, operating system, and several system daemons. It is the bedrock for a useful cluster, and the component that actually runs workloads.

On the Google Kubernetes Engine team, Kubernetes Node Security bridges the gap between our Node & Security subteams. We are responsible for protecting the nodes and their workloads from attackers. We consider threats from the OS kernel up, with threat models that include both external attackers and internal ones (e.g. hostile workloads).

Job responsibilities

Node Security responsibilities include:

  • Collaborating with Google Cloud teams and the large Kubernetes open-source community
  • Analyzing threat models and designing & building mitigations for the highest priority threats
  • Designing building-block features that customers can use to enhance their application security
  • Reviewing features & consulting with other teams (both at Google and the open-source community) on issues that may impact node security
  • Responding to vulnerability disclosures, and privacy or security incidents

More concretely, most upcoming projects are split along 2 axes: pod vs. node level defences, and internal vs. external threats. The first is about whether we are building a security boundary around the pod (workload instance) or the node (containing many pods). The second is about containing threats (e.g. sandboxing workloads) versus hardening against threats outside the node. Here are a few examples:

Node containment

Node hardening

Pod containment

  • Mitigate the (previously ignored) local DoS attack vectors (https://goo.gl/eQHuqo)
  • Sandboxing pods with lightweight virtual machines or gVisor

Pod hardening

What makes this job unique

The Google Kubernetes Engine team gets to build on top of Google's incredible infrastructure and draw on the vast expertise of many industry experts, while also closely collaborating with one of the largest open source communities. This means you'll be working with engineers from diverse backgrounds all over the world, and participating in this amazing community effort.

Because this is an open source project, your work will have much greater visibility than work on closed-source projects. You will have the opportunity to speak openly about it at conferences (only if you want), and talk directly with users and customers.

Minimum qualifications

We're looking for a creative engineer who is excited about security, and a proactive learner. Someone who doesn't take features at face value, and likes to think about ways to break the system. Someone who doesn't just think about the features we're trying to build, but also the features we are actually building.

Minimum qualifications

  • BA/BS degree in Computer Science or related technical field or equivalent practical experience.
  • 1 year of relevant work experience in software development.
  • Professional coding experience in one or more general purpose programming languages
  • Experience with systems programming
  • Working proficiency and communication skills in verbal and written English

Preferred qualifications

Candidates with these qualifications will stand out

  • Security experience, knowledge or training
  • Experience debugging or developing Linux native apps or internals
  • Experience using or developing Kubernetes
  • Experience with other large open source software projects

Interested?

Contact Chelsea Azevedo <azevedoc@google.com> to learn more
