Platform Hardening Engineer to be responsible for strengthening, evolving, and replacing security controls
Position: Platform Hardening Engineer – Mythos Response
Location: Canada (Remote)
Duration: 3 Months Initially, extension opportunities
Language: English (French is nice to have)
Background: Kyndryl require a Platform Hardening Engineer to be responsible for strengthening, evolving, and replacing security controls that fail under modern adversary pressure, particularly during AI‑assisted exploitation campaigns. Operating within Mythos Response activities, this role ensures that defensive platforms do not merely detect attacks—but raise durable barriers that meaningfully slow, constrain, or stop attackers.
This role focuses on identifying where existing controls degrade under real‑world threat conditions, prioritizing hard‑barrier alternatives, and aligning remediation efforts with the organization’s most business‑critical workloads. The Platform Hardening Engineer acts as the connective tissue between response learnings and long‑term defensive resilience.
Qualifications:
· Experience conducting enterprise security architecture reviews tied to real incident outcomes
· Hands‑on expertise in cloud, container, and platform security (runtime controls, identity boundaries, workload isolation)
· Strong foundation in secure software and infrastructure design principles
· Proven ability to articulate technical risk and remediation value to executive audiences
· Experience incorporating lessons from live incidents into architectural decisions
Responsibilities/Deliverables:
· Control Effectiveness Assessment
o Run friction-vs-barrier assessments across critical security controls used during Mythos Response events
o Identify controls that provide perceived security value but collapse under AI-assisted exploitation techniques
· Adversary-Informed Hardening
o Analyze response and recovery findings to determine where platforms, runtimes, or architectural patterns enable repeat exploitation
o Prioritize hard-barrier replacements over soft detection or alert-only controls when adversary speed or sophistication outpaces response
· Platform & Runtime Defense
o Accelerate memory-safe migrations, sandboxing, isolation, or containment strategies to reduce entire classes of exploitability
o Design platform guardrails that constrain attacker movement even after initial compromise
· Control Lifecycle Decisions
o Advise on control retirement vs. reinforcement decisions based on adversary realism, operational friction, and business impact
o Help prevent defensive sprawl by favoring fewer, stronger controls aligned to actual threat behavior
· Business-Aligned Remediation
o Align hardening efforts to business-critical workloads, Tier 0 infrastructure, and high-impact services
o Translate technical tradeoffs into clear risk narratives for executive and operational stakeholders
#IndKyn
**Please note this is for a contract position with one of our clients and not a fulltime employment role with Kyndryl Canada**