DevSecOps Engineer

August 18

Apply Now

Receive Emails with Similar Jobs

Xometry Europe

WebsiteLinkedInAll Job Openings

Xometry is the global leader in on-demand manufacturing offering custom & serial parts manufacturing with such machining methods as CNC machining, turning, sheet metal processing, 3D printing, injection moulding, and die casting$1. .$1

CNC machining • CNC turning • CNC milling • On-demand manufacturing • Contract manufacturing

501 - 1000

Description

• Collaborate with development, operations, and security teams to integrate security into the CI/CD pipeline, ensuring that security is embedded at every stage of the software development lifecycle. • Design, implement, and maintain security automation tools and processes to identify, manage, and remediate vulnerabilities in the development and production environments. • Develop and enforce security policies, standards, and best practices for cloud-based and on-premises infrastructure. • Monitor and analyze security vulnerabilities and incidents, providing timely and effective remediation. • Perform regular security assessments, including code reviews, vulnerability scans, and penetration tests, to ensure the security of applications and infrastructure. • Implement and manage security tools such as firewalls, intrusion detection/prevention systems, and endpoint protection. • Work with development teams to ensure secure coding practices and compliance with security standards. • Lead efforts to secure Kubernetes clusters and containerized environments. • Manage infrastructure as code (IaC) using tools like Terraform, OpenTofu, or CloudFormation to ensure secure and scalable deployments. • Automate security tasks and processes using Python and shell scripting. • Stay up-to-date with the latest security threats, technologies, and industry trends, and apply this knowledge to enhance the security posture of the organization. • Participate in incident response and disaster recovery planning and execution.

Requirements

• Minimum of 5+ years of experience in DevSecOps, DevOps, or a related field, with a strong focus on security. • Experience with AWS or deep fluency in one of GCP or Azure, with a strong desire to expand knowledge into AWS. • Proficiency with CI/CD tools such as Github Actions, Jenkins, GitLab CI, or CircleCI, and experience in integrating security tools into these pipelines. • Hands-on experience with Kubernetes, including securing and managing clusters in production environments. • Proficiency with infrastructure as code (IaC) tools such as Terraform, OpenTofu, or CloudFormation. • Strong programming skills in Python and shell scripting for automation and security tasks. • Knowledge of security best practices, including secure coding, encryption, authentication, and access control. • Excellent problem-solving skills, with the ability to troubleshoot complex security issues. • Strong communication skills, with the ability to convey technical security information to non-technical stakeholders.