diff --git a/instances/iot.packages/config.jsonnet b/instances/iot.packages/config.jsonnet
index 49adca9c6..affbc1d5a 100644
--- a/instances/iot.packages/config.jsonnet
+++ b/instances/iot.packages/config.jsonnet
@@ -7,5 +7,6 @@
     plugins+: [
       "gerrit-trigger"
     ]
-  }
+  },
+  seLinuxLevel: "s0:c50,c45",
 }
diff --git a/instances/iot.packages/target/config.json b/instances/iot.packages/target/config.json
index 915b337f4..4f5fbf3a1 100644
--- a/instances/iot.packages/target/config.json
+++ b/instances/iot.packages/target/config.json
@@ -900,6 +900,7 @@
       },
       "generate": false
    },
+   "seLinuxLevel": "s0:c50,c45",
    "secrets": {
       "dockerconfigjson": {
          "dockerconfigjson-for-pull-as-default": {
diff --git a/instances/iot.packages/target/k8s/statefulset.json b/instances/iot.packages/target/k8s/statefulset.json
index f2e7420dc..a929c4c76 100644
--- a/instances/iot.packages/target/k8s/statefulset.json
+++ b/instances/iot.packages/target/k8s/statefulset.json
@@ -119,7 +119,12 @@
                         "cpu": "250m"
                      }
                   },
-                  "securityContext": { },
+                  "securityContext": {
+                     "seLinuxOptions": {
+                        "level": "s0:c50,c45",
+                        "type": "spc_t"
+                     }
+                  },
                   "volumeMounts": [
                      {
                         "mountPath": "/var/jenkins",