diff --git a/pkg/manager/impl/execution_manager.go b/pkg/manager/impl/execution_manager.go
index 2cdfd0895..287abbf78 100644
--- a/pkg/manager/impl/execution_manager.go
+++ b/pkg/manager/impl/execution_manager.go
@@ -489,7 +489,6 @@ func mergeIntoExecConfig(workflowExecConfig admin.WorkflowExecutionConfig, spec
 			workflowExecConfig.GetInterruptible().GetValue() != spec.GetInterruptible().GetValue()) {
 		workflowExecConfig.Interruptible = spec.GetInterruptible()
 	}
-
 	return workflowExecConfig
 }
 
@@ -538,6 +537,12 @@ func (m *ExecutionManager) getExecutionConfig(ctx context.Context, request *admi
 	}
 	//  merge the application config into workflowExecConfig. If even the deprecated fields are not set
 	workflowExecConfig = mergeIntoExecConfig(workflowExecConfig, m.config.ApplicationConfiguration().GetTopLevelConfig())
+	// Explicitly set the security context if its nil since downstream we expect this settings to be available
+	if workflowExecConfig.GetSecurityContext() == nil {
+		workflowExecConfig.SecurityContext = &core.SecurityContext{
+			RunAs: &core.Identity{},
+		}
+	}
 	logger.Infof(ctx, "getting the workflow execution config from application configuration")
 	// Defaults to one from the application config
 	return &workflowExecConfig, nil
diff --git a/pkg/runtime/application_config_provider.go b/pkg/runtime/application_config_provider.go
index c996b9af4..bce4fccd5 100644
--- a/pkg/runtime/application_config_provider.go
+++ b/pkg/runtime/application_config_provider.go
@@ -31,7 +31,7 @@ var flyteAdminConfig = config.MustRegisterSection(flyteAdmin, &interfaces.Applic
 	EventVersion:          2,
 	AsyncEventsBufferSize: 100,
 	MaxParallelism:        25,
-	K8SServiceAccount:     "default",
+	K8SServiceAccount:     "",
 })
 
 var schedulerConfig = config.MustRegisterSection(scheduler, &interfaces.SchedulerConfig{