Xometry is hiring a
Senior DevSecOps Engineer

Summary

Xometry is seeking a senior-level cybersecurity professional with a focus on DevSecOps, network security, and security architecture. The role involves collaborating with teams to integrate security into the CI/CD pipeline, designing and maintaining security automation tools, performing regular security assessments, and managing infrastructure as code.

Requirements

• Minimum of 5+ years of experience in DevSecOps, DevOps, or a related field, with a strong focus on security
• Experience with AWS or deep fluency in one of GCP or Azure
• Proficiency with CI/CD tools such as Github Actions, Jenkins, GitLab CI, or CircleCI
• Hands-on experience with Kubernetes
• Proficiency with infrastructure as code (IaC) tools such as Terraform, OpenTofu, or CloudFormation
• Strong programming skills in Python and shell scripting
• Knowledge of security best practices, including secure coding, encryption, authentication, and access control
• Excellent problem-solving skills
• Strong communication skills

Responsibilities

• Collaborate with development, operations, and security teams to integrate security into the CI/CD pipeline
• Design, implement, and maintain security automation tools and processes
• Develop and enforce security policies, standards, and best practices for cloud-based and on-premises infrastructure
• Monitor and analyze security vulnerabilities and incidents
• Perform regular security assessments, including code reviews, vulnerability scans, and penetration tests
• Implement and manage security tools such as firewalls, intrusion detection/prevention systems, and endpoint protection
• Work with development teams to ensure secure coding practices and compliance with security standards
• Lead efforts to secure Kubernetes clusters and containerized environments
• Manage infrastructure as code using tools like Terraform, OpenTofu, or CloudFormation
• Automate security tasks and processes using Python and shell scripting

Preferred Qualifications

• Experience in security architecture and designing secure systems
• Knowledge of JavaScript and securing JavaScript-based applications
• Relevant certifications such as CISSP, Security+, or AWS Certified Security – Specialty
• Experience with automating security in a microservices architecture
• Bachelor’s degree in Computer Science, Information Security, Engineering, or a related field (or equivalent work experience)