diff --git a/awx/api/views.py b/awx/api/views.py
index 3dbb18db29..bdfa7a8183 100644
--- a/awx/api/views.py
+++ b/awx/api/views.py
@@ -2998,7 +2998,7 @@ class JobTemplateExtraCredentialsList(JobTemplateCredentialsList):
 
     def get_queryset(self):
         sublist_qs = super(JobTemplateExtraCredentialsList, self).get_queryset()
-        sublist_qs = sublist_qs.filter(**{'credential_type__kind__in': ['cloud', 'net']})
+        sublist_qs = sublist_qs.filter(credential_type__kind__in=['cloud', 'net'])
         return sublist_qs
 
     def is_valid_relation(self, parent, sub, created=False):
@@ -3794,7 +3794,7 @@ class JobExtraCredentialsList(JobCredentialsList):
 
     def get_queryset(self):
         sublist_qs = super(JobExtraCredentialsList, self).get_queryset()
-        sublist_qs = sublist_qs.filter(**{'credential_type__kind__in': ['cloud', 'net']})
+        sublist_qs = sublist_qs.filter(credential_type__kind__in=['cloud', 'net'])
         return sublist_qs
 
 
diff --git a/awx/main/models/jobs.py b/awx/main/models/jobs.py
index f59e27d59e..cc438bd013 100644
--- a/awx/main/models/jobs.py
+++ b/awx/main/models/jobs.py
@@ -166,11 +166,11 @@ class JobOptions(BaseModel):
 
     @property
     def network_credentials(self):
-        return [cred for cred in self.credentials.all() if cred.credential_type.kind == 'net']
+        return list(self.credentials.filter(credential_type__kind='net'))
 
     @property
     def cloud_credentials(self):
-        return [cred for cred in self.credentials.all() if cred.credential_type.kind == 'cloud']
+        return list(self.credentials.filter(credential_type__kind='cloud'))
 
     @property
     def credential(self):
@@ -186,7 +186,7 @@ class JobOptions(BaseModel):
 
     def get_deprecated_credential(self, kind):
         try:
-            return [cred for cred in self.credentials.all() if cred.credential_type.kind == kind][0]
+            return self.credentials.filter(credential_type__kind=kind).first()
         except IndexError:
             return None
 
diff --git a/awx/main/tests/unit/test_tasks.py b/awx/main/tests/unit/test_tasks.py
index 3dbc8399fb..75b1ab0207 100644
--- a/awx/main/tests/unit/test_tasks.py
+++ b/awx/main/tests/unit/test_tasks.py
@@ -245,12 +245,15 @@ class TestJobExecution:
 
         # mock the job.credentials M2M relation so we can avoid DB access
         job._credentials = []
-        patch = mock.patch.object(UnifiedJob, 'credentials', mock.Mock(
-            all=lambda: job._credentials,
-            add=job._credentials.append,
-            filter=mock.Mock(return_value=job._credentials),
-            spec_set=['all', 'add', 'filter']
-        ))
+        patch = mock.patch.object(UnifiedJob, 'credentials', mock.Mock(**{
+            'all': lambda: job._credentials,
+            'add': job._credentials.append,
+            'filter.return_value': mock.Mock(
+                __iter__ = lambda *args: iter(job._credentials),
+                first = lambda: job._credentials[0]
+            ),
+            'spec_set': ['all', 'add', 'filter']
+        }))
         self.patches.append(patch)
         patch.start()