Kubernetes, Container Security & AI Runtime Protection Cybersecurity Engineer

DescriptionThis employer will not sponsor applicants for the following work visas: F-1 student, H-1B worker, O-1 worker, TN worker, E-3 worker. Applicants must be currently authorized to work in the United States on a full-time basis.Job Description SummaryThe Kubernetes, Container Security & AI Runtime Protection Cybersecurity Engineer provides design and engineering expertise for the Cybersecurity organization to application support teams delivering external and internal services. A successful candidate can bring their expertise in Kubernetes, containers, and DevOps practices to our Cybersecurity team. If you're passionate about securing cloud-native applications, infrastructure, and emerging AI technologies, this role is for you!In addition to container security, this position offers an exciting opportunity to drive AI runtime security for internal Large Language Models (LLMs) and agentic workflows. You will help define and implement security controls for generative AI systems, ensuring safe and compliant deployment across the enterprise.Even if you don't have direct cybersecurity experience, we're interested in talking to you if you have a strong background in Kubernetes, container orchestration, DevOps principles, or AI security. We'll provide training and support to apply your skills to securing applications, APIs, and AI models against various threats.Key ResponsibilitiesProvide excellent customer service for internal and external customers in support of security initiatives, incident response, and operational support.Develop, maintain, and automate application protection technologies throughout Huntington's enterprise environment.Provide subject matter expertise to the Cybersecurity Operations Center monitoring and responding to alerts and incidents.Stay current on industry trends, evolving application protections, cloud provider capabilities, and the ever-increasing threat landscape.Implement CNAPP tools in multi-account AWS, Azure, and OpenShift environments.Develop Infrastructure as Code (IaC) using Terraform and integrate security scanning into CI/CD pipelines.Develop custom control checks within CNAPP Platforms using JSON, REGO, or Terraform.Collaborate with DevOps and application development teams to build secure enterprise applications.Troubleshoot and maintain the security of Kubernetes clusters and container environments.Design and implement runtime security controls for internal LLMs and agentic AI workflows.Collaborate with AI engineering teams to secure custom RAG models and generative AI pipelines.Basic Qualifications* Bachelor's degreeFive years of any of the following experience combined:3+ years of experience working with Kubernetes and container orchestration platforms.3+ years of experience managing the security of pods/containers and images.3+ years of experience deploying code using Terraform.3+ years of experience with container orchestration networking.3+ years of experience integrating and managing security platforms in corporate environments or developing secure enterprise business applications.3+ years of experience with at least one high-level programming language (e.g., Python, Go, Java, JavaScript).3+ years of experience integrating security tools into CI/CD pipelines and collaborating with DevOps and application development teams.Preferred QualificationsHands-on experience building security into various products, infrastructure, or platforms or experience with DevSecOps.Extensive experience operating a Cloud Workload Protection platform such as Palo Alto Prisma Cloud preferred, Aqua Security , Lacework, Dome9, Snyk, Wiz.io, or Orca.Knowledge of security architecture, system and network security, authentication and authorization protocols, cryptography, and application security.Cloud Security certifications are preferred.Experience securing public, B2C, B2B, and internal APIs.Experience automating the provisioning and verification of on-premises and cloud security services.Advanced level knowledge of operating systems (Windows, Linux, Unix).Experience working in an agile work team.Thrives in fast-paced and dynamic environments.Energized by mitigating sophisticated threats targeting enterprises and customers.3+ years of experience working with security by design principles, architecture-level concepts, security frameworks (NIST and PCI), OWASP, etc.5+ years of experience in a role that requires written and verbal communication with customers.Optional Preferred Experience:Penetration testing against LLMs or generative AI systems.Building or fine-tuning LLMs and custom RAG models.Familiarity with AI security frameworks and adversarial testing techniques.#Hybrid#LI-SG1#LI-BM1Exempt Status: (Yes = not eligible for overtime pay) (No = eligible for overtime pay)YesWorkplace Type:OfficeOur Approach to Office Workplace TypeCertain positions outside our branch network may be eligible for a flexible work arrangement. We're combining the best of both worlds: in-office and work from home. Our approach enables our teams to deepen connections, maintain a strong community, and do their best work. Remote roles will also have the opportunity to come together in our offices for moments that matter. Specific work arrangements will be provided by the hiring team.Compensation Range:$70,000 - $140,000 USD AnnualThe compensation range represents the low and high end of the base compensation range for this position. Actual compensation will vary and may be above or below the range based on various factors including but not limited to location, experience, and performance. Colleagues in this position are also eligible to participate in an applicable incentive compensation plan. In addition, Huntington provides a variety of benefits to colleagues, including health insurance coverage, wellness program, life and disability insurance, retirement savings plan, paid leave programs, paid holidays and paid time off (PTO).Huntington is an Equal Opportunity Employer.Tobacco-Free Hiring Practice: Visit Huntington's Career Web Site for more details.Note to Agency Recruiters: Huntington will not pay a fee for any placement resulting from the receipt of an unsolicited resume. All unsolicited resumes sent to any Huntington colleagues, directly or indirectly, will be considered Huntington property. Recruiting agencies must have a valid, written and fully executed Master Service Agreement and Statement of Work for consideration.