The Infrastructure and Developer Platform (IDP) team within the Microsoft Threat Protection (MTP) organization builds and maintains the infrastructure and developer platform that almost all Defender products (Defender for Endpoint, Defender for Identity, etc.) rely on. This platform allows engineers across MTP to more easily deploy their services, lower costs, and increase security and reliability across our fleet. This position will specifically focus on Azure Kubernetes Security within the organization. The IDP team is at the heart of Microsoft's security infrastructure, providing the essential tools and frameworks that empower our engineers to innovate and deliver cutting-edge security solutions. Our platform is designed to streamline the deployment process, enhance cost-efficiency, and bolster the security and reliability of our services. By leveraging the latest technologies and best practices, we ensure that our Defender products operate seamlessly and securely, protecting millions of users worldwide. **Responsibilities** + Define and drive the Kubernetes security roadmap, ensuring alignment with organizational security and compliance requirements. + Establish and enforce best practices for securing Kubernetes workloads, including network policies, RBAC, and supply chain security. + Partner with Microsoft Security, Compliance, and Platform Engineering teams to align Kubernetes security initiatives with broader security frameworks (e.g., Microsoft SDL, Defender for Cloud, 1ES) + Lead the design, implementation, and enforcement of secure-by-default configurations for AKS and Kubernetes workloads. + Engage with internal and external security communities, contributing to security standards and best practices within Microsoft. + Lead and mentor a team of security-focused engineers, fostering a culture of innovation, collaboration, and operational excellence. + Establish team OKRs/KPIs for measuring security improvements and operational effectiveness. **Qualifications** + 8-10 years of experience in software engineering. + 2-4 years of experience in a people management role. + Strong understanding of Kubernetes security concepts, including network policies, RBAC, workload identity, container runtime security, and supply chain security. + Hands-on experience with Kubernetes on major cloud providers (Azure AKS, AWS EKS, GCP GKE) and security best practices for cloud-native workloads. + Familiarity with Terraform, Pulumi, or other IaC tools to manage Kubernetes deployments securely. + Experience implementing secure CI/CD pipelines, image scanning, policy enforcement (OPA/Gatekeeper/Kyverno), and runtime security tools (Falco, Aqua, etc.). + Knowledge of detecting, analyzing, and responding to security incidents in Kubernetes environments. + Proven ability to lead security-focused engineering teams, collaborate with security, platform, and developer teams, and drive adoption of security best practices. + Experience with container-based development, including Docker and Kubernetes. + Deep understanding of Azure Kubernetes Service (AKS) security features, including Azure Policy, Microsoft Defender for Containers, Azure AD workload identity, and confidential computing. + Bachelor’s Degree AND 4+ years’ experience in software engineering, or product development OR equivalent experience. + Ability to work effectively with cross-functional teams and manage multiple priorities. + Ability to work across different geographies, including the United States, Israel, and India. + Experience using Azure DevOps for tracking planning and execution. Preferred Qualifications: + CKA, CKS, CISSP, or other relevant security and Kubernetes certifications. + Experience with security frameworks such as NIST, CIS Benchmarks, and PCI-DSS, and ability to assess and mitigate risks in Kubernetes environments. Microsoft is an equal opportunity employer. Consistent with applicable law, all qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations (https://careers.microsoft.com/v2/global/en/accessibility.html) .