Web Application Security Engineer, Vulnerability Remediation

Xometry (NASDAQ: XMTR) powers the industries of today and tomorrow by connecting the people with big ideas to the manufacturers who can bring them to life. Xometry’s digital marketplace gives manufacturers the critical resources they need to grow their business while also making it easy for buyers at Fortune 1000 companies to tap into global manufacturing capacity.

Xometry is seeking a Security Engineer - Vulnerability Remediation to join our team and play a critical role in safeguarding our web applications and services, which are primarily built with Python and Javascript. This role will focus on analyzing and remediating vulnerabilities within the codebase.

Responsibilities

• Analyze security vulnerability reports generated through static application security testing (SAST)
• Build automation to assist with automatic upgrades and vulnerability tracking.
• Deep dive into identified vulnerabilities within the codebase to understand their root cause and potential impact.
• Develop, test and implement secure code solutions to remediate vulnerabilities in a timely manner, prioritizing critical issues first.
• Stay up-to-date on the latest web application security threats and best practices.
  
  

Qualifications

• 3+ years experience of Python as well as Javascript technologies such as Node.js, TypeScript
• Experience with containerization technologies such as Docker and Kubernetes
• Experience working in cloud environments AWS, GCP, or Azure
• Excellent analytical and problem-solving skills
• Strong communication and collaboration skills
• Comfortable working across a diverse range of of product and technology teams
• Ability to work independently and manage multiple tasks effectively
• Previous experience at a marketplace or online product led platform company is a major plus
  
  

Preferred

• Experience in web application security with a strong understanding of common vulnerabilities (e.g., SQL injection, XSS)
• Knowledge of secure coding practices in Python and Javascript
• Experience working with SAST tools
• Experience with AWS security best practices
  
  

Xometry is an equal opportunity employer. All applicants will be considered for employment without attention to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran, or disability status.

For US based roles: Xometry participates in E-Verify and after a job offer is accepted, will provide the federal government with your Form I-9 information to confirm that you are authorized to work in the U.S.