The OpenShift Infrastructure and Security Compliance (ISC) team is looking for a Senior Software Engineer to join our rapidly growing engineering team. The ISC team plays a major role in maintaining and improving OpenShifts security posture.

As a core developer for the ISC team, you will have the opportunity to actively participate in development of our compliance tool set as well as the affiliated open-source communities. You will work as part of an evolving development team to rapidly design, secure, build, test, and release new capabilities. The role is primarily an individual contributor who collaborates closely with other developers and cross-functional teams. You should have a passion for working in open-source communities and for developing solutions that integrate Red Hat, open-source, and partner technologies into a cohesive platform.

What you will do:

• Develop tooling to generate and automate regulatory benchmark guidance
• AI driven tooling (MCP servers/toolsets) that integrates with IDEs (Claude Code/Cursor)
• Understanding Compliance Operator resources, like CustomRules and Profiles
• Implementing checks using multiple scanning technologies, like OpenSCAP and CEL expressions
• Developing and maintaining operators that improve OpenShift security posture
• Contribute to industry benchmark regulatory bodies where applicable (CIS)

What you will bring:

• Have an understanding of security and hardening techniques for container management (e.g., Security Context Constraints, Validation Admission Policies, RBAC),
• Have an understanding of Machine Configs, SCCs and RHCOS (operating systems optimized for running containers)
• Have an understanding of Concept of operators within the Kubernetes ecosystem, and how they function and OLM (Red Hat’s package manager for operators)
• Fluent in git
• Experience developing and maintaining projects in Golang and/or Python
• Project management experience and tracking with task tracking tools (e.g., Jira)
• Compliance Scanning workflows with various tools like Remediate, Rescan or Repeat
• Familiarity with specific regulatory bodies and their benchmarks (CIS, PCI, DISA, NIST, etc.)

Nice to have skills

• Familiar with Cursor and/or Claude Code - since we’re looking to lean heavily on AI tools to help with the profiles
• Experience with GitOps-based workflows or Tekton pipelines

About Red Hat

Red Hat is the world’s leading provider of enterprise open source software solutions, using a community-powered approach to deliver high-performing Linux, cloud, container, and Kubernetes technologies. Spread across 40+ countries, our associates work flexibly across work environments, from in-office, to office-flex, to fully remote, depending on the requirements of their role. Red Hatters are encouraged to bring their best ideas, no matter their title or tenure. We're a leader in open source because of our open and inclusive environment. We hire creative, passionate people ready to contribute their ideas, help solve complex problems, and make an impact.

Inclusion at Red Hat
Red Hat’s culture is built on the open source principles of transparency, collaboration, and inclusion, where the best ideas can come from anywhere and anyone. When this is realized, it empowers people from different backgrounds, perspectives, and experiences to come together to share ideas, challenge the status quo, and drive innovation. Our aspiration is that everyone experiences this culture with equal opportunity and access, and that all voices are not only heard but also celebrated. We hope you will join our celebration, and we welcome and encourage applicants from all the beautiful dimensions that compose our global village.

Equal Opportunity Policy (EEO)
Red Hat is proud to be an equal opportunity workplace and an affirmative action employer. We review applications for employment without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, ancestry, citizenship, age, veteran status, genetic information, physical or mental disability, medical condition, marital status, or any other basis prohibited by law.

Red Hat does not seek or accept unsolicited resumes or CVs from recruitment agencies. We are not responsible for, and will not pay, any fees, commissions, or any other payment related to unsolicited resumes or CVs except as required in a written contract between Red Hat and the recruitment agency or party requesting payment of a fee.

Red Hat supports individuals with disabilities and provides reasonable accommodations to job applicants. If you need assistance completing our online job application, email application-assistance@redhat.com. General inquiries, such as those regarding the status of a job application, will not receive a reply.