diff --git a/placement/templates/deployment.yaml b/placement/templates/deployment.yaml
index ea14e0cc8b..0a1e4324f2 100644
--- a/placement/templates/deployment.yaml
+++ b/placement/templates/deployment.yaml
@@ -48,6 +48,7 @@ spec:
 {{ dict "envAll" $envAll "podName" "placement-api" "containerNames" (list "placement-api" "init") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }}
 spec:
 serviceAccountName: {{ $serviceAccountName }}
+{{ dict "envAll" $envAll "application" "placement" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
 affinity:
 {{ tuple $envAll "placement" "api" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
 nodeSelector:
@@ -59,6 +60,7 @@ spec:
 - name: placement-api
 {{ tuple $envAll "placement" | include "helm-toolkit.snippets.image" | indent 10 }}
 {{ tuple $envAll $envAll.Values.pod.resources.api | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
+{{ dict "envAll" $envAll "application" "placement" "container" "placement_api" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
 command:
 - /tmp/placement-api.sh
 - start
diff --git a/placement/templates/job-db-migrate.yaml b/placement/templates/job-db-migrate.yaml
index 99d75e74b2..b9100891ca 100644
--- a/placement/templates/job-db-migrate.yaml
+++ b/placement/templates/job-db-migrate.yaml
@@ -33,6 +33,7 @@ spec:
 {{ dict "envAll" $envAll "podName" "placement-db-migrate" "containerNames" (list "placement-mysql-migration" "init") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }}
 spec:
 serviceAccountName: {{ $serviceAccountName }}
+{{ dict "envAll" $envAll "application" "placement" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
 restartPolicy: OnFailure
 nodeSelector:
 {{ .Values.labels.job.node_selector_key }}: {{ .Values.labels.job.node_selector_value }}
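Review bot: The pod-level include added here (and at @@ -33 in job-db-migrate.yaml) renders `runAsUser: 42424` from values, but that uid will not apply to the `placement-api` container, because the container-level include in the next hunk renders the `placement_api` entry from values.yaml, which sets `runAsUser: 0`, and Kubernetes gives a container-level securityContext field precedence over the same pod-level field; the same pairing exists for `placement-mysql-migration` at @@ -42 of job-db-migrate.yaml. In effect the pod-level uid only reaches containers with no entry of their own — the `init` container named in the mandatory-access-control annotation above gets none in this change, and whether its own snippet sets one is not visible here. Either align the two uids or make the precedence explicit for the reader with a template comment beside the container-level include, e.g. `{{/* container-level security_context from values.yaml overrides the pod-level runAsUser for placement_api */}}`.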
@@ -42,6 +43,7 @@ spec:
 - name: placement-mysql-migration
 {{ tuple $envAll $service | include "helm-toolkit.snippets.image" | indent 10 }}
 {{ tuple $envAll $envAll.Values.pod.resources.jobs.ks_service | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
+{{ dict "envAll" $envAll "application" "placement" "container" "placement_mysql_migration" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
 command:
 - /tmp/db-migrate.sh
 env:
diff --git a/placement/values.yaml b/placement/values.yaml
index b12f16871f..18b2535dab 100644
--- a/placement/values.yaml
+++ b/placement/values.yaml
@@ -316,9 +316,17 @@ endpoints:
 public: 80
 pod:
- user:
+ security_context:
 placement:
- uid: 42424
+ pod:
+ runAsUser: 42424
+ container:
+ placement_api:
+ readOnlyRootFilesystem: false
+ runAsUser: 0
+ placement_mysql_migration:
+ readOnlyRootFilesystem: false
+ runAsUser: 0
 affinity:
 anti:
 type:
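Review bot: `runAsUser: 0` under both `placement_api` and `placement_mysql_migration` runs those containers as root, and the pod-level `runAsUser: 42424` added just above cannot change that, since a container-level securityContext field takes precedence over the pod-level one; the removed `user.placement.uid: 42424` presumably set the non-root uid the service ran as before, so this reads as a privilege regression unless root is genuinely required (the reason is not visible in this diff). If root is required, state why in a comment beside the value and add `allowPrivilegeEscalation: false` to each container entry so escalation is at least pinned off (assuming the `kubernetes_container_security_context` snippet passes through the keys it is given, which this diff does not show). If it is not required, drop the two `runAsUser: 0` lines so the pod-level uid applies; `readOnlyRootFilesystem: false` is also the Kubernetes default, so spelling it out only earns its keep with a note on which paths the start scripts write. Separately, the header `@@ -316,9 +316,17 @@` counts one more context line than this rendering shows, most likely a blank line between `public: 80` and `pod:` lost when the diff was collapsed.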