We are seeking an Application Security Engineer with a strong background in web application security design, secure development practices, and vulnerability testing. This role also requires practical experience with Software Bill of Materials (SBOM) management and implementation, contributing to our secure SDLC and software supply chain risk reduction efforts.

Duties and Responsibilities:

• Perform threat modeling, security architecture review, and design analysis for web applications and APIs.
• Conduct manual and automated security testing during development and pre-release stages.
• Design and implement security pipelines (including SAST and DAST) and integrate them into the SDLC process.
• Implement and manage SBOM generation and consumption processes across the SDLC.
• Collaborate with development teams to ensure timely remediation of identified vulnerabilities.
• Maintain security guidance aligned with OWASP best practices and provide trainings for development teams.
• Stay current with evolving application security threats, tools, and industry developments.

Qualifications and Experience:

• 3–5 years of experience in application security, with a focus on web applications and API security.
• Good knowledge of at least one scripting or programming language (e.g., Python, JavaScript, C#, or Go).
• Experience with tools like OWASP ZAP, Burp Suite, Snyk, or similar.
• Familiarity with secure coding, DevSecOps, and container security concepts.
• Strong understanding of CVE, CVSS, and vulnerability disclosure workflows.
• Excellent command of business English.
• Preferred Qualifications:
• Knowledge of SBOM standards (CycloneDX, SPDX) and experience integrating SBOM tooling into CI/CD pipelines.
• Knowledge of software composition analysis (SCA) tools.

We are looking for: Case Manager who will strengthen our Operations team.

As a Case Manager, you will join a fast-moving team of technical professionals solving supply chain challenges for customized parts.

Functional Responsibilities:
As part of Case Management, you will:

• Take actions to improve on-time delivery, quality, and customer satisfaction.

• Track and monitor the progress of multiple customer orders and partner jobs.

• Provide excellent customer and partner service through relationship-building, partnership creation, and timely order updates.

• Apply technical knowledge (or leverage subject matter experts) on manufacturing design and production to ensure timely job delivery.

• Understand supplier capabilities and execute supplier oversight, including phone assessments, schedule creation, quality reviews, and corrective actions.

• Assess the impact of manufactured part rejections and communicate with suppliers and customers to resolve issues.

• Manage customer complaints resulting in product replacements.

• Report status, risks, and recovery efforts for troubled orders and jobs.

Job Duties:

• Document all case activity in the central database.

• Utilize company technology platforms and comply with the Quality Management System.

• Monitor the integrity of supplier quality metrics.

• Interface with Engineering, Customer Care, Quality, Sales, and Shipping teams to ensure manufacturing processes meet customer expectations.

• Communicate effectively with all key stakeholders, including suppliers, customers, and leadership.

• Participate in initiatives to simplify and automate complex processes.

• Perform all work in compliance with Xometry's quality and safety systems, policies, and procedures.

Requirements:

• Prior project management, supply chain, and customer service experience.

• Minimum of 3 years of relevant experience, preferably in manufacturing or operations.

• Ability to perform root cause analysis and identify solutions to complex problems.

Education:

• Bachelor of Science degree in Supply Chain, Engineering, or a related technical field preferred.

• Knowledge and experience in manufacturing processes, engineering drawings, and mechanical/electrical inspection methods.

Personal Qualities:

• Self-starter capable of working independently and driving actions to completion.

• Strong organizational skills and adaptability in a dynamic environment.

• Ability to multitask, meet deadlines, and support all supplier quality field activities.

• Excellent communication skills (oral and written), capable of managing up and laterally.

Language Skills:

• English: C1

Working conditions:

• Remote full-time job.
• Fixed rate depending on the career level.
• Corporate Laptop.
• Free corporate language courses.
• Ability to grow and develop your career.
• Salary reviews and other benefits.

Team spirit and friendly atmosphere: we work in an open, friendly and trusting environment that welcomes initiative. In the Xometry team, everyone is ready to help and support in difficult times, and we always celebrate victories together and appreciate the contribution of everyone.

Development opportunities: we are a fast growing company, each new task is an interesting challenge for the team.

We care: ongoing free of charge well-being activities for our people, charity projects worldwide.

Flexibility: speed and flexibility are some of our advantages, allowing us to achieve amazing results. We have flexible processes and planning, we can respond to rapidly changing conditions and remain effective in the face of uncertainty.

Onboarding: Well structured onboarding plan for new employees combining all in one process, technology, and systems components.

#LI-Remote

Xometry is seeking a dedicated Case Manager to join our team. If you thrive in a fast-paced environment, love solving supply chain challenges, and have a passion for exceptional customer service, this role is for you! Join our dynamic team and help drive efficiency, quality, and innovation in manufacturing. As a Case Manager, you will be part of a fast-moving team of technical professionals who solve supply chain problems for customized parts.

Responsibilities:

• Take actions to improve on time delivery, quality, and customer satisfaction.
• Track and monitor the progress of numerous customer orders and partner jobs.  
• Provide excellent customer and partner service by building relationships, creating partnerships, and by providing frequent and timely customer interactions on order updates.
• Apply first-hand technical knowledge (or leverage other subject matter experts) on manufacturing design and production to ensure jobs are delivered on time.
• Understand supplier capabilities and execute supplier oversight activities, which include frequent phone assessments, detailed schedule creation, quality reviews, and supplier corrective actions.
• Assess the impact of manufactured part rejections; communicate with suppliers and customers to work through problems and resolve cases.
• Manage customer complaints that result in replacements for returned products.
• Report out on status, risk, and efforts to recover troubled orders and jobs.
• Document all case activity in the central database.
• Leverage company technology platforms and comply with the Quality Management System.
• Monitor the integrity of supplier quality metrics.
• Interface with Engineering, Customer Care, Quality, Sales, and Shipping teams to ensure manufacturing processes are capable of customer on-time delivery and satisfaction.
• Effectively communicate with all key stakeholders, including suppliers, customers, and leadership.
• Participate and provide input on initiatives to simplify and automate complex processes.
• Perform all work in compliance with Xometry's quality and safety systems, policies, and procedures.

Qualifications:

• Prior project management, supply chain, and customer service experience are required.
• A minimum of 3 years of related experience, preferably in manufacturing or operations.
• A Bachelor of Science Degree in Supply Chain, Engineering, or a technical related field is preferred.
• Working knowledge of and/or education, skills, and experience associated with manufacturing processes, engineering drawing requirements, and mechanical and electrical inspection methods.
• Capable of performing root cause analysis and identifying solutions to complex problems.
• A self-starter who can work independently and can drive actions to completion.
• Strong organizational skills and the ability to work in a dynamic environment.
• Able to multitask, meet deadlines, and support all supplier quality field activities.
• Strong communication skills (both oral and written) + ability to manage up and to the side.
• A Bachelor of Science Degree in Supply Chain, Engineering, or a technical related field is preferred.
• Working knowledge of and/or education, skills, and experience associated with manufacturing processes, engineering drawing requirements, and mechanical and electrical inspection methods.

Personal qualities:

• Capable of performing root cause analysis and identifying solutions to complex problems.
• A self-starter who can work independently and can drive actions to completion.
• Strong organizational skills and the ability to work in a dynamic environment.
• Able to multitask, meet deadlines, and support all supplier quality field activities.
• Strong communication skills (both oral and written) + ability to manage up and to the side.

Language skills:

• English C1

Country of Location:

• Remote

Holiday calendar:

• USA holidays

Time Zone:

• Eastern Time - USA

Apply now and become part of our journey!

#LI-Remote

We invite a Senior Application Security Engineer to join our team.

🌎 Global Remote Mobility: Available for Senior roles in selected jurisdictions.

✅ Responsibilities:
✔️ Demonstrated ability to collaborate with other teams to achieve complex objectives.
✔️ Responsible for security architecture design from cloud infrastructure to application through the implementation of "secure by design" principles.
✔️ Collaborate with product managers, architects, and developers on the implementation of the security controls platform ecosystem and products.
✔️ Proof security implementations within infrastructure and application deployment manifests and the CI/CD pipelines.
✔️ Define required policies, controls, and capabilities for the protection of products and environments.
✔️ Build and validate declarative threat models automation.
✔️ Participate in engineering teams’ product planning cycles and committees.
✔️ Oversee the product security aspects for migration of products and services from Data Center to public cloud, e.g., AWS.
✔️ Serve as a trusted cyber security advisor to product and application teams.

✅ Minimum Requirements:
✔️ Experience integrating security scanning/tooling into the development pipeline.
✔️ Experience in analysing and securing microservices and applications developed using JavaScript and Typescript.
✔️ Experience with CI/CD pipelines (such as Gitlab, Jenkins) and infrastructure-as-a-code models (such as Terraform, Helm, or CloudFormation).
✔️ Hands-on development experience in Python/shell scripting.
✔️ Strong understanding of supply chain security, software integrity, and secure software delivery.
✔️ Experience with Docker and mesh technologies (such as ISTIO).
✔️ Experience with architecture and security reviews, threat modelling, and application risk is highly desired.
✔️ Experience working with Agile methodologies.
✔️ Knowledge of privacy laws and regulations, such as GDPR desired.
✔️ Familiarity with industry regulations, frameworks, and practices. For example, PCI, ISO 27001, NIST, etc.

✅ PREFERRED QUALIFICATIONS:
✔️ In-depth experience with architecting secure services on Kubernetes.
✔️ Extensive experience with architecting secure services on AWS or on-prem data centers.
✔️ Security-related professional certifications e.g., CISSP, CISM, CCSK, CCSP, CEH, are highly desirable.

✅ We offer excellent benefits, including but not limited to:
🚀 Career growth opportunities in an international and dynamic environment;
📚 Opportunity to develop language skills with partial compensation for language courses;
🎁 Special gifts for birthdays, weddings, and newborns;
🏝️ 20 working days of paid annual vacation, 6 paid sick leaves;
🍲 Office snacks and refreshments;
🏋️‍♂️ Sports package to support a healthy lifestyle;
🩺 Comprehensive medical insurance for you and your partner;
📍 Comfortable office with great facilities in a prime location;
 🎉 Exciting corporate events, team-building activities, and international company parties.

We invite a Senior Application Security Engineer to join our team.

🌎 Global Remote Mobility: Available for Senior roles in selected jurisdictions.

✅ Responsibilities:
✔️ Demonstrated ability to collaborate with other teams to achieve complex objectives.
✔️ Responsible for security architecture design from cloud infrastructure to application through the implementation of "secure by design" principles.
✔️ Collaborate with product managers, architects, and developers on the implementation of the security controls platform ecosystem and products.
✔️ Proof security implementations within infrastructure and application deployment manifests and the CI/CD pipelines.
✔️ Define required policies, controls, and capabilities for the protection of products and environments.
✔️ Build and validate declarative threat models automation.
✔️ Participate in engineering teams’ product planning cycles and committees.
✔️ Oversee the product security aspects for migration of products and services from Data Center to public cloud, e.g., AWS.
✔️ Serve as a trusted cyber security advisor to product and application teams.

✅ Minimum Requirements:
✔️ Experience integrating security scanning/tooling into the development pipeline.
✔️ Experience in analysing and securing microservices and applications developed using JavaScript and Typescript.
✔️ Experience with CI/CD pipelines (such as Gitlab, Jenkins) and infrastructure-as-a-code models (such as Terraform, Helm, or CloudFormation).
✔️ Hands-on development experience in Python/shell scripting.
✔️ Strong understanding of supply chain security, software integrity, and secure software delivery.
✔️ Experience with Docker and mesh technologies (such as ISTIO).
✔️ Experience with architecture and security reviews, threat modelling, and application risk is highly desired.
✔️ Experience working with Agile methodologies.
✔️ Knowledge of privacy laws and regulations, such as GDPR desired.
✔️ Familiarity with industry regulations, frameworks, and practices. For example, PCI, ISO 27001, NIST, etc.

✅ PREFERRED QUALIFICATIONS:
✔️ In-depth experience with architecting secure services on Kubernetes.
✔️ Extensive experience with architecting secure services on AWS or on-prem data centers.
✔️ Security-related professional certifications e.g., CISSP, CISM, CCSK, CCSP, CEH, are highly desirable.

✅ We offer excellent benefits, including but not limited to:
🏝 24 vacation days annually 
🤒 6 sick days without a medical certificate 
🏥 Premium Health Insurance (coverage up to 5,000 EUR annually) 
🎉 Special occasion gifts: birthday, wedding, newborn 
📚 Learning & Development budget (for conferences, courses and certifications) 
🌍 Corporate events: international parties, team buildings, activities 
📈 Career growth opportunities in a fast-growing company 
✈️ Relocation package for international candidates 
🏋️ Sports package (FitPass membership) 
🗣️ Language classes: Serbian & English (company-covered)

We invite a Senior Application Security Engineer to join our team.

🌎 Global Remote Mobility: Available for Senior roles in selected jurisdictions.

✅ Responsibilities:
✔️ Demonstrated ability to collaborate with other teams to achieve complex objectives.
✔️ Responsible for security architecture design from cloud infrastructure to application through the implementation of "secure by design" principles.
✔️ Collaborate with product managers, architects, and developers on the implementation of the security controls platform ecosystem and products.
✔️ Proof security implementations within infrastructure and application deployment manifests and the CI/CD pipelines.
✔️ Define required policies, controls, and capabilities for the protection of products and environments.
✔️ Build and validate declarative threat models automation.
✔️ Participate in engineering teams’ product planning cycles and committees.
✔️ Oversee the product security aspects for migration of products and services from Data Center to public cloud, e.g., AWS.
✔️ Serve as a trusted cyber security advisor to product and application teams.

✅ Minimum Requirements:
✔️ Experience integrating security scanning/tooling into the development pipeline.
✔️ Experience in analysing and securing microservices and applications developed using JavaScript and Typescript.
✔️ Experience with CI/CD pipelines (such as Gitlab, Jenkins) and infrastructure-as-a-code models (such as Terraform, Helm, or CloudFormation).
✔️ Hands-on development experience in Python/shell scripting.
✔️ Strong understanding of supply chain security, software integrity, and secure software delivery.
✔️ Experience with Docker and mesh technologies (such as ISTIO).
✔️ Experience with architecture and security reviews, threat modelling, and application risk is highly desired.
✔️ Experience working with Agile methodologies.
✔️ Knowledge of privacy laws and regulations, such as GDPR desired.
✔️ Familiarity with industry regulations, frameworks, and practices. For example, PCI, ISO 27001, NIST, etc.

✅ PREFERRED QUALIFICATIONS:
✔️ In-depth experience with architecting secure services on Kubernetes.
✔️ Extensive experience with architecting secure services on AWS or on-prem data centers.
✔️ Security-related professional certifications e.g., CISSP, CISM, CCSK, CCSP, CEH, are highly desirable.

✅ We offer excellent benefits, including but not limited to:
🚀 Career growth opportunities in an international and dynamic environment; 
📚 Opportunity to develop language skills with partial compensation for language courses; 
🎁 Special gifts for birthdays, weddings, and newborns; 
🏝️ 20 working days of paid annual vacation, plus 6 paid sick leaves; 
🍲 Office snacks and refreshments;
🏋️‍♂️ Sports package to support a healthy lifestyle;
🩺 Comprehensive medical insurance; 
📍 Comfortable office with great facilities in a prime location; 
 🎉 Exciting corporate events, team-building activities, and international company parties.

We invite a Senior Application Security Engineer to join our team.

🌎 Global Remote Mobility: Available for Senior roles in selected jurisdictions.

✅ Responsibilities:
✔️ Demonstrated ability to collaborate with other teams to achieve complex objectives.
✔️ Responsible for security architecture design from cloud infrastructure to application through the implementation of "secure by design" principles.
✔️ Collaborate with product managers, architects, and developers on the implementation of the security controls platform ecosystem and products.
✔️ Proof security implementations within infrastructure and application deployment manifests and the CI/CD pipelines.
✔️ Define required policies, controls, and capabilities for the protection of products and environments.
✔️ Build and validate declarative threat models automation.
✔️ Participate in engineering teams’ product planning cycles and committees.
✔️ Oversee the product security aspects for migration of products and services from Data Center to public cloud, e.g., AWS.
✔️ Serve as a trusted cyber security advisor to product and application teams.

✅ Minimum Requirements:
✔️ Experience integrating security scanning/tooling into the development pipeline.
✔️ Experience in analysing and securing microservices and applications developed using JavaScript and Typescript.
✔️ Experience with CI/CD pipelines (such as Gitlab, Jenkins) and infrastructure-as-a-code models (such as Terraform, Helm, or CloudFormation).
✔️ Hands-on development experience in Python/shell scripting.
✔️ Strong understanding of supply chain security, software integrity, and secure software delivery.
✔️ Experience with Docker and mesh technologies (such as ISTIO).
✔️ Experience with architecture and security reviews, threat modelling, and application risk is highly desired.
✔️ Experience working with Agile methodologies.
✔️ Knowledge of privacy laws and regulations, such as GDPR desired.
✔️ Familiarity with industry regulations, frameworks, and practices. For example, PCI, ISO 27001, NIST, etc.

✅ PREFERRED QUALIFICATIONS:
✔️ In-depth experience with architecting secure services on Kubernetes.
✔️ Extensive experience with architecting secure services on AWS or on-prem data centers.
✔️ Security-related professional certifications e.g., CISSP, CISM, CCSK, CCSP, CEH, are highly desirable.

✅ We offer excellent benefits, including but not limited to:
💻 Learning and development opportunities and interesting, challenging tasks.
✈️ Relocation package (tickets, staying in a hotel for up to 2 weeks, and visa relocation support for our employees and their family members).
📚 Opportunity to develop language skills, with partial compensation for the cost of English and Portuguese language classes (for localization purposes). 
🎾 Partial compensation for tennis and padel lessons. 
🏀 Urban Sport membership benefit (the most diverse sports and wellness offering in Europe, with more than 50+ activities). 
🏥 Private medical coverage, including inpatient, outpatient, dental care, annual check-ups, and maternity support. 
🏝 Time for proper rest, with 24 non-business days per year and an additional 6 paid sick days. 
🚌 Transport compensation - 200 euros net per month. 
📈 Competitive remuneration level with annual review. 
🤝 Teambuilding activities.