We use cookies. Find out more about it here. By continuing to browse this site you are agreeing to our use of cookies.
I agree and accept cookies
Main menu
Post a Job
Request a Demo
Yes
No
Both
Advanced search
#alert
Back to search results / More jobs like this
Back to search results
New
Tesla Motors, Inc. jobs

Staff Site Reliability Engineer, Platform Security

Tesla Motors, Inc.
paid holidays, flex time, 401(k)
United States, Texas, Austin
Jun 12, 2026
What to Expect
This team manages multiple functions across Tesla that includes Platform Engineering, Devops, MLOps, Cloud Infrastructure (AWS, Azure, GCP), Factory SRE as well. Continued development and automation of deployment, monitoring, self-healing and alerting processes is imperative to the success of our engineering groups. We're seeking an expert level Kubernetes Security Engineer with SRE background to lead end-to-end security transformation across our entire kubernetes cluster estate, tooling, and CI/CD automations.

What You'll Do
  • Conduct comprehensive security audits across all Kubernetes clusters, identifying RBAC misconfigurations, overprivileged service accounts, and policy gaps
  • Design and implement RBAC strategy enforcing principle of least privilege (PoLP) across all clusters, namespaces, and workloads with granular role definitions and access controls
  • Establish continuous audit and compliance monitoring using admission controllers (OPA/Gatekeeper, Kyverno), audit logging, and runtime security tooling to detect and prevent policy violations
  • Harden container and pod security by implementing Pod Security Standards (PSS/PSA), security contexts, network policies, and eliminating privileged containers and root execution
  • Secure software supply chain through image scanning, signing (Sigstore/Cosign), SBOM generation, admission webhooks, and private registry governance
  • Deploy cluster-wide security mitigations at scale using GitOps workflows, policy-as-code, and automated remediation across the entire cluster fleet
  • Implement network segmentation and zero-trust architecture using service mesh, network policies, mTLS, and microsegmentation to limit blast radius
  • Build secrets management infrastructure migrating from in-cluster secrets to external vaults (HashiCorp Vault, AWS Secrets Manager) with dynamic credential rotation
  • Collaborate with Infosec and red team on threat detection and automated incident response playbooks
  • Security tooling standardization and automation, creating reusable Helm charts, Terraform modules, and CI/CD pipelines for consistent security posture across all clusters

What You'll Bring
  • 7+ years of Kubernetes security experience with proven track record securing large-scale, multi-cluster production environments
  • Deep RBAC expertise including ClusterRoles, RoleBindings, service account management, and complex multi-tenant authorization models
  • Active contributor to major open-source container security projects (e.g., Falco, Open Policy Agent, Trivy, Kubescape, KubeArmor, Cilium, or CNCF security projects) with verifiable GitHub contributions
  • Expert-level knowledge of Kubernetes security primitives: Pod Security Standards, SecurityContext, NetworkPolicies, admission controllers, audit logging, and CIS benchmarks
  • Hands-on experience with security tooling: OPA/Gatekeeper, Kyverno, Falco, Trivy, Aqua Security or similar platforms
  • Strong automation and IaC skills: Terraform, Helm, GitOps (ArgoCD/Flux), Python/Go for building security automation and policy-as-code frameworks
  • Container security expertise: Image hardening, vulnerability management, supply chain security (SLSA, SBOM, Sigstore), and rootless/distroless containers
  • Experience deploying changes at scale across distributed cluster fleets using multi-cluster management tools (Rancher, Anthos, EKS Anywhere, Cluster API)
  • Strong incident response and forensics background in containerized environments, including experience with eBPF-based monitoring, log analysis (ELK/Splunk), and breach containment strategies

Compensation and Benefits
Benefits

Along with competitive pay, as a full-time Tesla employee, you are eligible for the following benefits at day 1 of hire:

  • Medical plans > plan options with $0 payroll deduction
  • Family-building, fertility, adoption and surrogacy benefits
  • Dental (including orthodontic coverage) and vision plans, both have options with a $0 paycheck contribution
  • Company Paid (Health Savings Accounts) HSA Contribution when enrolled in the High-Deductible medical plan with HSA
  • Healthcare and Dependent Care Flexible Spending Accounts (FSA)
  • 401(k) with employer match, Employee Stock Purchase Plans, and other financial benefits
  • Company paid Basic Life, AD&D
  • Short-term and long-term disability insurance (90 day waiting period)
  • Employee Assistance Program
  • Sick and Vacation time (Flex time for salary positions, Accrued hours for Hourly positions), and Paid Holidays
  • Back-up childcare and parenting support resources
  • Voluntary benefits to include: critical illness, hospital indemnity, accident insurance, theft & legal services, and pet insurance
  • Weight Loss and Tobacco Cessation Programs
  • Tesla Babies program
  • Commuter benefits
  • Employee discounts and perks program
    Applied = 0
    MORE JOBS LIKE THIS

    (web-77cf7d65c7-wmmd7)