Remote Staff DevSecOps Engineer

Summary

Join our team as a DevSecOps Engineer at Xometry, where you'll play a critical role in embedding security into every stage of the software development lifecycle. As a staff-level cybersecurity professional with a strong background in DevSecOps, network security, and security architecture, you'll collaborate with development, operations, and security teams to integrate security into the CI/CD pipeline.

Requirements

• Minimum of 8+ years of experience in DevSecOps, DevOps, or a related field
• Experience with AWS or deep fluency in one of GCP or Azure
• Proficiency with CI/CD tools such as Github Actions, Jenkins, GitLab CI, or CircleCI
• Hands-on experience with Kubernetes
• Proficiency with infrastructure as code (IaC) tools such as Terraform, OpenTofu, or CloudFormation
• Strong programming skills in Python and shell scripting
• Knowledge of security best practices
• Excellent problem-solving skills
• Strong communication skills
• Must be a US Citizen or legal permanent resident

Responsibilities

• Collaborate with development, operations, and security teams to integrate security into the CI/CD pipeline
• Design, implement, and maintain security automation tools and processes
• Develop and enforce security policies, standards, and best practices for cloud-based and on-premises infrastructure
• Monitor and analyze security vulnerabilities and incidents
• Perform regular security assessments, including code reviews, vulnerability scans, and penetration tests
• Implement and manage security tools such as firewalls, intrusion detection/prevention systems, and endpoint protection
• Work with development teams to ensure secure coding practices and compliance with security standards
• Lead efforts to secure Kubernetes clusters and containerized environments
• Manage infrastructure as code (IaC) using tools like Terraform, OpenTofu, or CloudFormation
• Automate security tasks and processes using Python and shell scripting
• Stay up-to-date with the latest security threats, technologies, and industry trends
• Participate in incident response and disaster recovery planning and execution

Preferred Qualifications

• Experience in security architecture and designing secure systems
• Knowledge of JavaScript and securing JavaScript-based applications
• Relevant certifications such as CISSP, Security+, or AWS Certified Security – Specialty
• Experience with automating security in a microservices architecture

Benefits

Remote work (#LI-Remote)