"Tell me about a time you had to improve the security of a containerized production environment—such as Kubernetes runtime controls, secrets handling, or workload isolation—when the requirements were incomplete and you did not directly own all the engineering teams involved. How did you decide what to prioritize, get buy-in, and ensure the controls were actually adopted without slowing delivery too much?"
