diff --git a/job-ocp.yaml b/job-ocp.yaml
new file mode 100644
index 000000000..cd05ecccc
--- /dev/null
+++ b/job-ocp.yaml
@@ -0,0 +1,106 @@
+---
+apiVersion: batch/v1
+kind: Job
+metadata:
+ name: kube-bench
+spec:
+ template:
+ metadata:
+ labels:
+ app: kube-bench
+ spec:
+ serviceAccountName: kube-bench
+ automountServiceAccountToken: true
+ containers:
+ - command: ["kube-bench"]
+ image: docker.io/aquasec/kube-bench:latest
+ name: kube-bench
+ volumeMounts:
+ - name: var-lib-cni
+ mountPath: /var/lib/cni
+ readOnly: true
+ - mountPath: /var/lib/etcd
+ name: var-lib-etcd
+ readOnly: true
+ - mountPath: /var/lib/kubelet
+ name: var-lib-kubelet
+ readOnly: true
+ - mountPath: /var/lib/kube-scheduler
+ name: var-lib-kube-scheduler
+ readOnly: true
+ - mountPath: /var/lib/kube-controller-manager
+ name: var-lib-kube-controller-manager
+ readOnly: true
+ - mountPath: /etc/systemd
+ name: etc-systemd
+ readOnly: true
+ - mountPath: /lib/systemd/
+ name: lib-systemd
+ readOnly: true
+ - mountPath: /srv/kubernetes/
+ name: srv-kubernetes
+ readOnly: true
+ - mountPath: /etc/kubernetes
+ name: etc-kubernetes
+ readOnly: true
+ - mountPath: /usr/local/mount-from-host/bin
+ name: usr-bin
+ readOnly: true
+ - mountPath: /etc/cni/net.d/
+ name: etc-cni-netd
+ readOnly: true
+ - mountPath: /opt/cni/bin/
+ name: opt-cni-bin
+ readOnly: true
+ - name: etc-passwd
+ mountPath: /etc/passwd
+ readOnly: true
+ - name: etc-group
+ mountPath: /etc/group
+ readOnly: true
+
+ hostPID: true
+ restartPolicy: Never
+ volumes:
+ - name: var-lib-cni
+ hostPath:
+ path: /var/lib/cni
+ - hostPath:
+ path: /var/lib/etcd
+ name: var-lib-etcd
+ - hostPath:
+ path: /var/lib/kubelet
+ name: var-lib-kubelet
+ - hostPath:
+ path: /var/lib/kube-scheduler
+ name: var-lib-kube-scheduler
+ - hostPath:
+ path: /var/lib/kube-controller-manager
+ name: var-lib-kube-controller-manager
+ - hostPath:
+ path: /etc/systemd
+ name: etc-systemd
+ - hostPath:
+ path: /lib/systemd
+ name: lib-systemd
+ - hostPath:
+ path: /srv/kubernetes
+ name: srv-kubernetes
+ - hostPath:
+ path: /etc/kubernetes
+ name: etc-kubernetes
+ - hostPath:
+ path: /usr/bin
+ name: usr-bin
+ - hostPath:
+ path: /etc/cni/net.d/
+ name: etc-cni-netd
+ - hostPath:
+ path: /opt/cni/bin/
+ name: opt-cni-bin
+ - hostPath:
+ path: "/etc/passwd"
+ name: etc-passwd
+ - hostPath:
+ path: "/etc/group"
+ name: etc-group
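Review bot: `image: docker.io/aquasec/kube-bench:latest` is a mutable tag, and this pod runs with `hostPID: true` and read-only hostPath mounts of `/var/lib/etcd`, `/etc/kubernetes` and the node's binaries, so whatever that tag resolves to at schedule time gets read access to control-plane state on the node; pin it, e.g. `image: docker.io/aquasec/kube-bench:<PINNED_VERSION_OR_DIGEST>` (placeholder), and re-pin deliberately on upgrade. The container declares no `securityContext`; kube-bench presumably has to run as root to read those root-owned files, but `allowPrivilegeEscalation: false` and `capabilities: drop: ["ALL"]` may still be declarable without affecting the read-only mounts — confirm against the SCC granted to the `kube-bench` service account on OpenShift. Minor consistency points in the same hunk: only the `/etc/passwd` and `/etc/group` hostPath entries are quoted, `mountPath: /lib/systemd/` carries a trailing slash while its `hostPath.path: /lib/systemd` does not, and the volume and volumeMount items alternate between `name`-first and `mountPath`/`hostPath`-first key order. Indentation appears to have been collapsed in this rendering, so the nesting itself cannot be checked here.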