Xometry Logo

Xometry

Staff DevSecOps Engineer

Job Posted 4 Days Ago Reposted 4 Days Ago
Be an Early Applicant
Boston, MA
80K-120K
Senior level
Boston, MA
80K-120K
Senior level
The Staff DevSecOps Engineer will embed security in software development, manage vulnerabilities, and automate security tasks while ensuring secure coding practices.
The summary above was generated by AI

Xometry (NASDAQ: XMTR) powers the industries of today and tomorrow by connecting the people with big ideas to the manufacturers who can bring them to life. Xometry’s digital marketplace gives manufacturers the critical resources they need to grow their business while also making it easy for buyers at Fortune 1000 companies to tap into global manufacturing capacity.

Job Overview:

We are looking for staff-level cybersecurity professionals with a strong background in one or more of DevSecOps, network security, and security architecture. The DevSecOps Engineer will play a critical role in embedding security into every stage of the software development lifecycle. The ideal candidate will have a minimum of 8+ years of experience in DevSecOps or related fields and a strong understanding of cloud platforms, security automation, and secure coding practices.

Key Responsibilities:

  • Collaborate with development, operations, and security teams to integrate security into the CI/CD pipeline, ensuring that security is embedded at every stage of the software development lifecycle.
  • Design, implement, and maintain security automation tools and processes to identify, manage, and remediate vulnerabilities in the development and production environments.
  • Develop and enforce security policies, standards, and best practices for cloud-based and on-premises infrastructure.
  • Monitor and analyze security vulnerabilities and incidents, providing timely and effective remediation.
  • Perform regular security assessments, including code reviews, vulnerability scans, and penetration tests, to ensure the security of applications and infrastructure.
  • Implement and manage security tools such as firewalls, intrusion detection/prevention systems, and endpoint protection.
  • Work with development teams to ensure secure coding practices and compliance with security standards.
  • Lead efforts to secure Kubernetes clusters and containerized environments.
  • Manage infrastructure as code (IaC) using tools like Terraform, OpenTofu, or CloudFormation to ensure secure and scalable deployments.
  • Automate security tasks and processes using Python and shell scripting.
  • Stay up-to-date with the latest security threats, technologies, and industry trends, and apply this knowledge to enhance the security posture of the organization.
  • Participate in incident response and disaster recovery planning and execution.
Qualifications:
  • Minimum of 8+ years of experience in DevSecOps, DevOps, or a related field, with a strong focus on security.
  • Experience with AWS or deep fluency in one of GCP or Azure, with a strong desire to expand knowledge into AWS.
  • Proficiency with CI/CD tools such as Github Actions, Jenkins, GitLab CI, or CircleCI, and experience in integrating security tools into these pipelines.
  • Hands-on experience with Kubernetes, including securing and managing clusters in production environments.
  • Proficiency with infrastructure as code (IaC) tools such as Terraform, OpenTofu, or CloudFormation.
  • Strong programming skills in Python and shell scripting for automation and security tasks.
  • Knowledge of security best practices, including secure coding, encryption, authentication, and access control.
  • Excellent problem-solving skills, with the ability to troubleshoot complex security issues.
  • Strong communication skills, with the ability to convey technical security information to non-technical stakeholders.
  • Must be a US Citizen or legal permanent resident (Xometry handles ITAR data)
Preferred Qualifications:
  • Experience in security architecture and designing secure systems.
  • Knowledge of JavaScript and securing JavaScript-based applications.
  • Relevant certifications such as CISSP, Security+, or AWS Certified Security – Specialty.
  • Experience with automating security in a microservices architecture.
  • Bachelor’s degree in Computer Science, Information Security, Engineering, or a related field (or equivalent work experience).

#LI-Hybrid

Xometry is an equal opportunity employer. All applicants will be considered for employment without attention to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran, or disability status.

For US based roles: Xometry participates in E-Verify and after a job offer is accepted, will provide the federal government with your Form I-9 information to confirm that you are authorized to work in the U.S.

Top Skills

AWS
Azure
Ci/Cd
CircleCI
CloudFormation
Devsecops
GCP
Github Actions
Gitlab Ci
Jenkins
Kubernetes
Network Security
Opentofu
Python
Security Architecture
Shell Scripting
Terraform

Similar Jobs

13 Days Ago
Easy Apply
Woburn, MA, USA
Easy Apply
Senior level
Senior level
Machine Learning • Security • Software • Analytics • Defense
The Senior Software Reverse Engineer will reverse engineer software and firmware, develop tools for analysis, and create cybersecurity solutions, demanding a blend of technical skills in vulnerability research and coding.
Top Skills: Afl++ArmAssembly LanguagesBinary NinjaC/C++GhidraIda ProPythonQemuX86
23 Days Ago
Boston, MA, USA
100K-150K
Mid level
100K-150K
Mid level
Information Technology • Consulting
As a Vice President of Forensics, you will perform forensic collections, advise clients, ensure compliance with best practices, and stay updated on trends in digital forensics and eDiscovery.
Top Skills: CellebriteElcomsoft SuiteEncaseForensic Tool Kit (Ftk)Magnet AxiomOxygen ForensicsX-Ways
19 Days Ago
Boston, MA, USA
140K-175K
Mid level
140K-175K
Mid level
Software
As an IT Manager at Tines, you'll manage IT requests, improve operations, oversee software tools, and lead IT teams to enhance service.
Top Skills: Google WorkspacemacOSMdmNetworkingSecuritySsoVpns

What you need to know about the Boston Tech Scene

Boston is a powerhouse for technology innovation thanks to world-class research universities like MIT and Harvard and a robust pipeline of venture capital investment. Host to the first telephone call and one of the first general-purpose computers ever put into use, Boston is now a hub for biotechnology, robotics and artificial intelligence — though it’s also home to several B2B software giants. So it’s no surprise that the city consistently ranks among the greatest startup ecosystems in the world.

Key Facts About Boston Tech

  • Number of Tech Workers: 269,000; 9.4% of overall workforce (2024 CompTIA survey)
  • Major Tech Employers: Thermo Fisher Scientific, Toast, Klaviyo, HubSpot, DraftKings
  • Key Industries: Artificial intelligence, biotechnology, robotics, software, aerospace
  • Funding Landscape: $15.7 billion in venture capital funding in 2024 (Pitchbook)
  • Notable Investors: Summit Partners, Volition Capital, Bain Capital Ventures, MassVentures, Highland Capital Partners
  • Research Centers and Universities: MIT, Harvard University, Boston College, Tufts University, Boston University, Northeastern University, Smithsonian Astrophysical Observatory, National Bureau of Economic Research, Broad Institute, Lowell Center for Space Science & Technology, National Emerging Infectious Diseases Laboratories

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account