Engineer IV, Cyber DevSecOps
About the role
X-energy LLC conducts a thorough recruiting process and will never issue offers without interview to discuss qualifications and responsibilities. All applications will be submitted via our company career page, www.x-energy.com/careers/. We will never ask you to provide payment information as part of the recruiting process. If anyone claiming to represent X-energy directs you in a manner otherwise, please contact us at www.x-energy.com/contact-us.
Responsibilities
- Support the design, implementation, and maintenance of secure CI/CD pipelines incorporating security scanning, vulnerability assessment, and compliance validation
- Integrate security tools and practices into DevOps workflows, including SAST, DAST, SCA, container security, and infrastructure-as-code scanning
- Contribute to cyber-informed engineering by embedding security requirements into system design, architecture decisions, and operational technology environments under guidance of senior engineers
- Develop and maintain security automation scripts, tools, and frameworks to enhance detection, response, and remediation capabilities
- Collaborate with development teams to implement secure coding practices, conduct security code reviews, and provide remediation guidance with moderate independence
- Assist in designing and implementing infrastructure security controls across AWS, including identity management, network segmentation, and secrets management
- Support security incident response activities by providing technical expertise in forensic analysis, root cause determination, and remediation implementation
- Contribute to establishing and maintaining security metrics, dashboards, and reporting mechanisms to track security posture across development and production environments
- Maintain professional demeanor and behavior at all times in all forms of communication
- Perform other duties as assigned by manager
Requirements
- Bachelor’s degree in Computer Science, Cybersecurity, or related field; 3+ years DevOps/security experience; 1–2 years DevSecOps experience
- Security+ or equivalent; Certified DevSecOps Professional (CDP) (Required/Preferred)
- CISSP, CISM, AWS Security Specialty, Azure Security Engineer, or CKS (Preferred/Optional)
Qualifications
- Minimum Qualifications: Bachelor’s degree in Computer Science, Cybersecurity, or related field; 3+ years DevOps/security experience; 1–2 years DevSecOps experience; Security+ or equivalent; Certified DevSecOps Professional (CDP) (Required/Preferred); CISSP, CISM, AWS Security Specialty, Azure Security Engineer, or CKS (Preferred/Optional)
- Preferred Qualifications: AWS Certified Security – Specialty (strongly preferred; certification demonstrates hands-on AWS security expertise); AWS Solutions Architect – Associate or Professional certification demonstrating broad AWS architectural knowledge; Extensive hands-on experience with AWS security services, including but not limited to: AWS IAM, Security Groups, NACLs, AWS GuardDuty, AWS Security Hub, AWS Config, AWS CloudTrail, AWS KMS, AWS Secrets Manager, AWS WAF, AWS Shield, and VPC security architecture; Deep proficiency with AWS infrastructure-as-code tools including CloudFormation, AWS CDK, and Terraform for AWS deployments; Strong experience with GitLab CI/CD pipelines, including GitLab Runner configuration, pipeline security, artifact management, and GitLab security scanning features (SAST, DAST, container scanning, dependency scanning); Demonstrated ability to architect and implement AWS-native security controls for containerized workloads (ECS, EKS) and serverless architectures (Lambda, API Gateway); Experience implementing security automation and orchestration using AWS Lambda, Step Functions, EventBridge, and Systems Manager; Proficiency with AWS monitoring and logging for security operations using CloudWatch, CloudWatch Logs Insights, and integration with SIEM platforms; Proven track record of securing AWS network architectures, including Transit Gateway, PrivateLink, VPN, and Direct Connect configurations; Extensive hands-on experience with containerization security in AWS environments, including Docker security hardening, ECR image scanning, and Kubernetes (EKS) security best practices; Proficiency in scripting and automation using Python, Bash, or PowerShell specifically for AWS security operations and GitLab pipeline integration; Proven ability to mentor and guide development teams on AWS security best practices and secure GitLab workflows with minimal oversight
Benefits
- Medical/Dental /Vision Insurance
- Life and Disability Insurance
- Paid Time Off
- Tuition Reimbursement/Professional Development policy
- 401K plan with an employer match
- Comprehensive benefits package
Pay
As required by Maryland and other applicable state law, X Energy, LLC (X-energy) lists the expected compensation range for a publicly advertised job opportunity based upon the job requirements (e.g. education/training, experience, skill sets, etc.). Individual candidates who meet the job requirements for the posted position will be offered a salary within this range based on their respective levels of education/training, experience, and other qualifications unique to them. Salary ranges may vary based on the specific office location and region referenced in the posting to take into consideration differences in cost of living and may not be reflective of all regions.
Schedule
Standard office hours are 8:00am-5:00pm ET, Monday-Friday
Location
530 Gaither Road, Rockville, MD