You lead the way. We have your back.
At American Express, our culture is built on a 175-year history of innovation, shared values and Leadership Behaviors, and an unwavering commitment to back our customers, communities, and colleagues. As part of Team Amex, you'll experience this powerful backing with comprehensive support for your holistic well-being and many opportunities to learn new skills, develop as a leader, and grow your career.
Here, your voice and ideas matter, your work makes an impact, and together, you will help us define the future of American Express.
American Express is continuing its Cloud transformation journey with a strong focus on secure, scalable container platforms. The Kubernetes Architect is an integral member of the Cloud Security and Platform Architecture teams, delivering Kubernetes expertise, cloud security design, and platform governance that enable secure adoption of enterprise Kubernetes and AWS services. This role provides subject matter expertise, advances Kubernetes guardrails, and ensures the success of American Express’ hybrid cloud strategy.
You will work closely with Information Security teams, Enterprise Architecture, Cloud Engineering, and external cloud providers on requirements, design, integration, and delivery of Kubernetes and cloud platform solutions. This position demands a well-organized, action-oriented team player with the ability to prioritize work across multiple initiatives, maintain a strong command of Kubernetes and cloud technologies, and drive end-to-end processes focused on secure, frictionless user experience.
Responsibilities Include:
Evaluate Kubernetes, container security, and cloud-native technologies across private and public cloud for technical, functional and financial feasibility.
Assess, measure and report against Kubernetes and cloud security controls, and drive risk reduction guidance for containerized workloads.
Provide Kubernetes and cloud security expertise to the Cloud Program, including Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Cloud Application Architecture subprograms.
Deliver and mature Kubernetes platform tooling across public and private cloud; collaborate with enterprise architects and SMEs to deliver comprehensive cluster security solutions.
Lead the technical design and deployment of global Kubernetes and EKS security solutions for internal and external cloud environments.
Capture requirements; build functional specifications, timelines, adoption plans and other artifacts to support secure Kubernetes and cloud implementation.
Build cloud-optimized Kubernetes security patterns and contribute to Enterprise Architecture governance.
Drive proof of concepts that assess suitability of Kubernetes, container security, and policy-as-code solutions; demonstrate how technology can be leveraged to improve platform security posture.
Partner with and support Engineering teams to drive secure Kubernetes adoption and execute platform improvements in a timely manner.
Minimum Qualifications:
Bachelor’s degree in computer science, computer engineering, or related field; or equivalent experience.
2+ years of experience in Information Security or Cloud Security Roles.
Hands-on experience securing Kubernetes/EKS clusters, including RBAC, Network Policies, Pod Security Standards, and OPA/Gatekeeper policy governance.
Experience in Amazon Web Services – enablement, support, or deployment of applications and containerized workloads to cloud.
Experience with Cloud Control Matrix, CIS Benchmarks, and Kubernetes/EKS security frameworks for gap assessment and remediation.
Broad understanding of IS disciplines including Governance, Cyber Threat, Identity & Access, Infrastructure, Endpoint, Vulnerability, Data Protection, Operations, Application, and Incident Response.
Understanding of Kubernetes and cloud platform delivery with experience in planning and execution of container security and cloud security projects.
Preferred Qualifications:
Understanding of Cloud Fundamentals, including containers, software-defined networks, high availability design, multi-cloud, and serverless compute.
Demonstrated experience in Agile environments, application design, software development, and testing.
Knowledge of configuration management, container security, secrets management, and runtime security as they are applied to Kubernetes and cloud environments.
Knowledge of network architecture, network security, and TCP/IP
Information Security Certification (CISSP, CCSP, or similar) is preferred.
Salary Range: $123,000.00 to $215,250.00 annually + bonus + benefits
The above represents the expected salary range for this job requisition. Ultimately, in determining your pay, we’ll consider your location, experience, and other job-related factors.
We back you with benefits that support your holistic well-being so you can be and deliver your best. This means caring for you and your loved ones' physical, financial, and mental health, as well as providing the flexibility you need to thrive personally and professionally:
Competitive base salaries Bonus incentives 6% Company Match on retirement savings plan Free financial coaching and financial well-being support Comprehensive medical, dental, vision, life insurance, and disability benefits Flexible working model with hybrid, onsite or virtual arrangements depending on role and business need 20+ weeks paid parental leave for all parents, regardless of gender, offered for pregnancy, adoption or surrogacy Free access to global on-site wellness centers staffed with nurses and doctors (depending on location) Free and confidential counseling support through our Healthy Minds program Career development and training opportunitiesFor a full list of Team Amex benefits, visit our Colleague Benefits Site.
American Express is an equal opportunity employer and makes employment decisions without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran status, disability status, age, or any other status protected by law. American Express will consider for employment all qualified applicants, including those with arrest or conviction records, in accordance with the requirements of applicable state and local laws, including, but not limited to, the California Fair Chance Act, the Los Angeles County Fair Chance Ordinance for Employers, and the City of Los Angeles’ Fair Chance Initiative for Hiring Ordinance. For positions covered by federal and/or state banking regulations, American Express will comply with such regulations as it relates to the consideration of applicants with criminal convictions.
We back our colleagues with the support they need to thrive, professionally and personally. That's why we have Amex Flex, our enterprise working model that provides greater flexibility to colleagues while ensuring we preserve the important aspects of our unique in-person culture. Depending on role and business needs, colleagues will either work onsite, in a hybrid model (combination of in-office and virtual days) or fully virtually.
US Job Seekers - Click to view the “Know Your Rights” poster. If the link does not work, you may access the poster by copying and pasting the following URL in a new browser window: https://www.eeoc.gov/poster
Employment eligibility to work with American Express in the United States is required as the company will not pursue visa sponsorship for these positions.