diff --git a/pkg/splunk/enterprise/util.go b/pkg/splunk/enterprise/util.go
index 7d3bd2b59..5fc96222b 100644
--- a/pkg/splunk/enterprise/util.go
+++ b/pkg/splunk/enterprise/util.go
@@ -679,6 +679,10 @@ func setupInitContainer(podTemplateSpec *corev1.PodTemplateSpec, Image string, i
 } else {
 volMntName = fmt.Sprintf(splcommon.PvcNamePrefix, splcommon.EtcVolumeStorage)
 }
+ // update security context
+ runAsUser := int64(41812)
+ runAsNonRoot := true
+ privileged := false
 containerSpec := corev1.Container{
 Image: Image,
 ImagePullPolicy: corev1.PullPolicy(imagePullPolicy),
@@ -699,6 +703,23 @@ func setupInitContainer(podTemplateSpec *corev1.PodTemplateSpec, Image string, i
 corev1.ResourceMemory: resource.MustParse("512Mi"),
 },
 },
+ SecurityContext: &corev1.SecurityContext{
+ RunAsUser: &runAsUser,
+ RunAsNonRoot: &runAsNonRoot,
+ AllowPrivilegeEscalation: &[]bool{false}[0],
+ Capabilities: &corev1.Capabilities{
+ Drop: []corev1.Capability{
+ "ALL",
+ },
+ Add: []corev1.Capability{
+ "NET_BIND_SERVICE",
+ },
+ },
+ Privileged: &privileged,
+ SeccompProfile: &corev1.SeccompProfile{
+ Type: corev1.SeccompProfileTypeRuntimeDefault,
+ },
+ },
 }
 podTemplateSpec.Spec.InitContainers = append(podTemplateSpec.Spec.InitContainers, containerSpec)
 }
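Review bot: The UID in `runAsUser := int64(41812)` is a bare literal, and the comment above it, `// update security context`, does not say why this value is required. If it is the UID the main Splunk container runs as (not visible in this hunk), the init container has to match it so that files it writes to the etc volume keep usable ownership. I would move the value to a named package constant and replace the comment with something like `// init container must run as the same non-root UID as the splunk container so files written to the etc volume stay accessible`. setupInitContainer starts and ends outside this hunk, so whether such a constant already exists cannot be confirmed from here.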
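Review bot: The `Add: []corev1.Capability{"NET_BIND_SERVICE"}` entry re-grants a capability right after `Drop: ALL`, and nothing visible in this function shows the init container binding a port below 1024. For a process running as a non-root UID, an added capability is generally not effective unless the binary carries file capabilities, so the entry most likely only widens the bounding set. I would remove the `Add` block, or keep it with a comment naming the listener that needs it. Separately, `AllowPrivilegeEscalation: &[]bool{false}[0]` is inconsistent with the named locals used for the other pointer fields; a local `allowPrivilegeEscalation := false` next to `privileged` would match. If the init step only writes to mounted volumes, `ReadOnlyRootFilesystem` could be set as well, which needs checking against what the container runs.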