Security DevOps Engineer

Xometry Inc
Rockville, MD
Oct 14, 2021
Oct 18, 2021
Full Time
Xometry has experienced massive growth over the past 3 years. We believe we need to continue to evolve our products and services to support future growth and market execution. With growth comes expansion in the form of Xometry employees, products & services, technology, process, and a new high bar for excellence.The role will be responsible for engineering and implementing Xometry's Cyber Security program initiatives. This critical role ensures Xometry's data are protected from unauthorized access and disclosure. We believe safeguarding our customers' and partners' information is more than just checking a box for compliance reasons; we believe it's the right thing to do. We also believe a strong, adaptive Cyber Security program creates a virtuous cycle, one that builds trust with our customers and partners, which attracts more customers and partners, and so on. We expect the person in this role to apply his/her knowledge to mature Xometry's Cyber Security program as the businesses continue to grow.This role requires the individual to balance the needs of the businesses and available resources while developing and implementing solutions to secure the company. We expect the person in this role to apply cyber security industry best practices (NIST, CSA, OWASP, ISO) to evolve Xometry's existing processes and technology at the pace of the business growth. You will be working with members across the enterprise, including technology, product, finance, and other parts of Xometry to understand their current cyber security state, then identifying gaps and engineering solutions to align with the security program initiatives. You will own both the engineering, implementation, and documentation functions related to security. You will also work closely with the IT Support and System Reliability Engineering (SRE) teams to operationalize the solutions for the endpoints, infrastructure, and cloud services.Xometry's platform and corporate functions utilize multiple cloud service providers. The ideal candidate would be well versed in cloud technologies, including IaaS, PaaS, SaaS, hybrid, and multi-cloud. The role requires the individual to understand the different security challenges across the entire technology stack, including physical, networking, and application. We expect the person to have excellent communication skills in order to work with the various business units, team members, and management. We also expect the individual to self-manage his/her time, ask for and provide help when needed, and own the challenge until it is resolved.What You Will Be DoingCollaborate with business and technical members across to the enterprise to understand the current cyber security stateIdentify gaps between existing controls and Xometry's cyber security roadmapEngineer the solutions (processes, technologies) to mitigate the control gapsPresent the proposed solutions to the Senior Information Security OfficerDocument and implement the new security controlsCollaborate with IT Support and Site Reliability Engineering (SRE) to operationalize the controlsDevelop FAQ/Wiki to communicate new security capabilities to the enterpriseTake part of on-call rotation to triage any potential security incidentsWho We Are Looking ForIn-depth knowledge of cloud technology and security (AWS, Terraform)In-depth knowledge of CI/CD tools (DAST, SAST, Gitlab)In-depth knowledge of information security best practices (NIST, CMMC, CSA, OWASP, ISO)Knowledge of application security (static analysis, dynamic analysis, automated testing)Knowledge of operating systems (Linux, Windows)Knowledge of virtualization technologies (Docker/Kubernetes)Knowledge of scripting languages (Powershell, bash)Curiosity and passion for all things security and technology relatedWillingness to ask for as well as provide help when neededStrong verbal/written communication and presentation skills, including an ability to effectively communicate with both business and technical teamsAbility to influence others, strong attention to detail, excellent organization skills, and ability to time manage multiple projectsWhat's In It For YouCompetitive base salary, bonus & equity planHealth, dental, vision & life insurance coverage401(k) and company matchPaid time offYou'll be surrounded by a collaborative team that is working together to reshape the future of manufacturingWe move fast and experiment across the organization, and we aren't afraid to try new thingsWe invest in growing our people "A cents € personally and professionallyXometry is the source for on-demand manufacturing, offering massive capacity, instant online quotes, fast lead times, and affordable pricing. Our global network of over 5,000 manufacturing facilities enables us to maintain consistently fast lead times while offering a broad array of capabilities includes CNC machining, injection molding, sheet metal fabrication, urethane casting, and a industry-leading 3D printing service. We have a diverse customer base, ranging from startups to Fortune 100 companies and can make anything from a single prototype to millions of parts.If this job isn't for you but you have a friend who may be a perfect fit - share this job with them!Xometry is an equal opportunity employer. All applicants will be considered for employment without attention to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran or disability status.Xometry participates in E-Verify and after a job offer is accepted, will provide the federal government with your Form I-9 information to confirm that you are authorized to work in the US