docs: Clarify how to run Job on OpenShift (#1401)

Signed-off-by: Jack Henschel <jackdev@mailbox.org>

docs/running.md

@@ -34,7 +34,7 @@ docker run --pid=host -v /etc:/etc:ro -v /var:/var:ro -t -v path/to/my-config.ya
 
 You can run kube-bench inside a pod, but it will need access to the host's PID namespace in order to check the running processes, as well as access to some directories on the host where config files and other files are stored.
 
-The supplied `job.yaml` file can be applied to run the tests as a job. For example:
+The `job.yaml` file (available in the root directory of the repository) can be applied to run the tests as a Kubernetes `Job`. For example:
 
 ```bash
 $ kubectl apply -f job.yaml
@@ -140,6 +140,14 @@ kube-bench includes a set of test files for Red Hat's OpenShift hardening guide
 
 `kube-bench` supports auto-detection, when you run the `kube-bench` command it will autodetect if running in openshift environment.
 
+Since running `kube-bench` requires elevated privileges, the `privileged` SecurityContextConstraint needs to be applied to the ServiceAccount used for the `Job`:
+
+```
+oc create namespace kube-bench
+oc adm policy add-scc-to-user privileged --serviceaccount default
+oc apply -f job.yaml
+```
+
 ### Running in a GKE cluster
 
 | CIS Benchmark | Targets                                                     |