DevSecOps Engineer | Xometry Europe | Remote (United States)
Posted 2025-09-08
Remote, USA
Full Time
Immediate Start
<p class=" text-gray-200 text-base sm:text-lg leading-relaxed mb-3">Xometry (NASDAQ: XMTR) powers the industries of today and tomorrow by connecting the people with big ideas to the manufacturers who can bring them to life. Xometry’s digital marketplace gives manufacturers the critical resources they need to grow their business while also making it easy for buyers at Fortune 1000 companies to tap into global manufacturing capacity.</p>
<h4><strong class=" font-semibold">Job Overview:</strong></h4>
<p class=" text-gray-200 text-base sm:text-lg leading-relaxed mb-3">We are looking for mid-senior to senior-level cybersecurity professionals with a strong background in one or more of <strong class=" font-semibold">DevSecOps</strong>, network security, and security architecture. The <strong class=" font-semibold">DevSecOps Engineer</strong> will play a critical role in embedding security into every stage of the software development lifecycle. The ideal candidate will have a minimum of 3 years of experience in DevSecOps or related fields and a strong understanding of cloud platforms, security automation, and secure coding practices.</p>
<p class=" text-gray-200 text-base sm:text-lg leading-relaxed mb-3"><strong class=" font-semibold">Key Responsibilities:</strong></p>
<ul class=" text-base sm:text-lg marker:text-color list-inside list-disc text-gray-500 list-disc list-outside pl-3 mb-6">
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Collaborate with development, operations, and security teams to integrate security into the CI/CD pipeline, ensuring that security is embedded at every stage of the software development lifecycle.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Design, implement, and maintain security automation tools and processes to identify, manage, and remediate vulnerabilities in the development and production environments.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Develop and enforce security policies, standards, and best practices for cloud-based and on-premises infrastructure.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Monitor and analyze security vulnerabilities and incidents, providing timely and effective remediation.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Perform regular security assessments, including code reviews, vulnerability scans, and penetration tests, to ensure the security of applications and infrastructure.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Implement and manage security tools such as firewalls, intrusion detection/prevention systems, and endpoint protection.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Work with development teams to ensure secure coding practices and compliance with security standards.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Lead efforts to secure Kubernetes clusters and containerized environments.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Manage infrastructure as code (IaC) using tools like Terraform, OpenTofu, or CloudFormation to ensure secure and scalable deployments.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Automate security tasks and processes using Python and shell scripting.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Stay up-to-date with the latest security threats, technologies, and industry trends, and apply this knowledge to enhance the security posture of the organization.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Participate in incident response and disaster recovery planning and execution.</span></li>
</ul>
<h4><strong class=" font-semibold">Qualifications:</strong></h4>
<ul class=" text-base sm:text-lg marker:text-color list-inside list-disc text-gray-500 list-disc list-outside pl-3 mb-6">
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Minimum of 5+ years of experience in DevSecOps, DevOps, or a related field, with a strong focus on security.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Experience with AWS or deep fluency in one of GCP or Azure, with a strong desire to expand knowledge into AWS.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Proficiency with CI/CD tools such as Github Actions, Jenkins, GitLab CI, or CircleCI, and experience in integrating security tools into these pipelines.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Hands-on experience with Kubernetes, including securing and managing clusters in production environments.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Proficiency with infrastructure as code (IaC) tools such as Terraform, OpenTofu, or CloudFormation.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Strong programming skills in Python and shell scripting for automation and security tasks.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Knowledge of security best practices, including secure coding, encryption, authentication, and access control.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Excellent problem-solving skills, with the ability to troubleshoot complex security issues.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Strong communication skills, with the ability to convey technical security information to non-technical stakeholders.</span></li>
</ul>
<h4><strong class=" font-semibold">Preferred Qualifications:</strong></h4>
<ul class=" text-base sm:text-lg marker:text-color list-inside list-disc text-gray-500 list-disc list-outside pl-3 mb-6">
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Experience in security architecture and designing secure systems.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Knowledge of JavaScript and securing JavaScript-based applications.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Relevant certifications such as CISSP, Security+, or AWS Certified Security – Specialty.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Experience with automating security in a microservices architecture.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Bachelor’s degree in Computer Science, Information Security, Engineering, or a related field (or equivalent work experience).</span></li>
</ul>
<p class=" text-gray-200 text-base sm:text-lg leading-relaxed mb-3">#LI-Remote</p>
<p class=" text-gray-200 text-base sm:text-lg leading-relaxed mb-3">Here at Xometry we believe in diversity, equity, inclusion and belonging. We are committed to welcoming, respecting and valuing people for who they are as individuals, learning from their differences, embracing their uniqueness and providing a positive workplace for all.</p>
<p class=" text-gray-200 text-base sm:text-lg leading-relaxed mb-3">Xometry is an equal opportunity employer. All applicants will be considered for employment without attention to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran or disability status.</p>
<h4><strong class=" font-semibold">Job Overview:</strong></h4>
<p class=" text-gray-200 text-base sm:text-lg leading-relaxed mb-3">We are looking for mid-senior to senior-level cybersecurity professionals with a strong background in one or more of <strong class=" font-semibold">DevSecOps</strong>, network security, and security architecture. The <strong class=" font-semibold">DevSecOps Engineer</strong> will play a critical role in embedding security into every stage of the software development lifecycle. The ideal candidate will have a minimum of 3 years of experience in DevSecOps or related fields and a strong understanding of cloud platforms, security automation, and secure coding practices.</p>
<p class=" text-gray-200 text-base sm:text-lg leading-relaxed mb-3"><strong class=" font-semibold">Key Responsibilities:</strong></p>
<ul class=" text-base sm:text-lg marker:text-color list-inside list-disc text-gray-500 list-disc list-outside pl-3 mb-6">
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Collaborate with development, operations, and security teams to integrate security into the CI/CD pipeline, ensuring that security is embedded at every stage of the software development lifecycle.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Design, implement, and maintain security automation tools and processes to identify, manage, and remediate vulnerabilities in the development and production environments.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Develop and enforce security policies, standards, and best practices for cloud-based and on-premises infrastructure.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Monitor and analyze security vulnerabilities and incidents, providing timely and effective remediation.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Perform regular security assessments, including code reviews, vulnerability scans, and penetration tests, to ensure the security of applications and infrastructure.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Implement and manage security tools such as firewalls, intrusion detection/prevention systems, and endpoint protection.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Work with development teams to ensure secure coding practices and compliance with security standards.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Lead efforts to secure Kubernetes clusters and containerized environments.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Manage infrastructure as code (IaC) using tools like Terraform, OpenTofu, or CloudFormation to ensure secure and scalable deployments.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Automate security tasks and processes using Python and shell scripting.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Stay up-to-date with the latest security threats, technologies, and industry trends, and apply this knowledge to enhance the security posture of the organization.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Participate in incident response and disaster recovery planning and execution.</span></li>
</ul>
<h4><strong class=" font-semibold">Qualifications:</strong></h4>
<ul class=" text-base sm:text-lg marker:text-color list-inside list-disc text-gray-500 list-disc list-outside pl-3 mb-6">
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Minimum of 5+ years of experience in DevSecOps, DevOps, or a related field, with a strong focus on security.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Experience with AWS or deep fluency in one of GCP or Azure, with a strong desire to expand knowledge into AWS.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Proficiency with CI/CD tools such as Github Actions, Jenkins, GitLab CI, or CircleCI, and experience in integrating security tools into these pipelines.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Hands-on experience with Kubernetes, including securing and managing clusters in production environments.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Proficiency with infrastructure as code (IaC) tools such as Terraform, OpenTofu, or CloudFormation.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Strong programming skills in Python and shell scripting for automation and security tasks.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Knowledge of security best practices, including secure coding, encryption, authentication, and access control.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Excellent problem-solving skills, with the ability to troubleshoot complex security issues.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Strong communication skills, with the ability to convey technical security information to non-technical stakeholders.</span></li>
</ul>
<h4><strong class=" font-semibold">Preferred Qualifications:</strong></h4>
<ul class=" text-base sm:text-lg marker:text-color list-inside list-disc text-gray-500 list-disc list-outside pl-3 mb-6">
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Experience in security architecture and designing secure systems.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Knowledge of JavaScript and securing JavaScript-based applications.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Relevant certifications such as CISSP, Security+, or AWS Certified Security – Specialty.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Experience with automating security in a microservices architecture.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Bachelor’s degree in Computer Science, Information Security, Engineering, or a related field (or equivalent work experience).</span></li>
</ul>
<p class=" text-gray-200 text-base sm:text-lg leading-relaxed mb-3">#LI-Remote</p>
<p class=" text-gray-200 text-base sm:text-lg leading-relaxed mb-3">Here at Xometry we believe in diversity, equity, inclusion and belonging. We are committed to welcoming, respecting and valuing people for who they are as individuals, learning from their differences, embracing their uniqueness and providing a positive workplace for all.</p>
<p class=" text-gray-200 text-base sm:text-lg leading-relaxed mb-3">Xometry is an equal opportunity employer. All applicants will be considered for employment without attention to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran or disability status.</p>