Jobless Developer
xdof logo
xdof

Posted 2 months ago

Open

Security Engineer

San Mateo HybridHybridFull-time

AI Summary

Security Engineer responsible for the security posture of the AWS environment and external-facing platform, owning access controls, cloud IAM, API security, IaC guardrails, and edge device security across a B2B SaaS/hardware-integrated stack.

About this role

At xdof, we’re at an inflection point. Frontier labs are racing to build general-purpose robots, and high-quality training data is the bottleneck. We’re building the foundation behind the foundation models – the data collection systems, operational capability, exabyte-scale data warehouse, and software toolchain – to help our partners drive the field forward.

As more enterprise partners depend on our platform, security is infrastructure. We’re looking for a Security Engineer to own the security posture of our AWS environment and the external-facing platform our B2B customers integrate with every day. We’re early-stage, so you’ll have broad scope for security ownership across the stack.

What You’ll Do

Security engineers build the controls and trust layer that let our platform scale safely. Sample projects include:

  • designing the identity and access layer that authenticates customers, internal users, and physical devices under a single coherent token and tenancy model

  • designing and enforcing cloud IAM policies and permission boundaries so every user and service operates at minimum privilege

  • hardening the external APIs our partners integrate with, including auth flows, threat modeling, rate limiting, and DDoS protection

  • architecting secure cloud infrastructure with IaC and automated guardrails that catch misconfigurations before production

  • securing Kubernetes clusters through RBAC, network policies, admission controllers, and secrets management

  • owning the device identity story for our edge hardware — provisioning, credential rotation, and the path to mTLS with managed PKI as we scale to externally deployed fleets

  • addressing lower-level concerns such as firmware pipelines, on-device security, and secure data ingestion from robotics hardware

Baseline skills:

  • 5+ years in security engineering or software engineering with a strong security focus

  • deep hands-on experience with cloud security primitives (IAM, organizational policies, VPCs, networking, logging, and encryption services)

  • track record securing external-facing APIs and platforms in a B2B context, including modern auth standards (OAuth 2.1, OIDC, JWT validation, multi-tenant token design)

  • proficiency with Infrastructure-as-Code and a GitOps-driven approach to managing environments

  • fluency with Python or Go

You might be a good fit if you:

  • have experience with embedded systems, firmware security, or securing hardware-software interfaces

Skills

Admission ControllersAWSCredential RotationDDoS ProtectionDevice Identity ProvisioningEmbedded SystemsEncryption ServicesFirmware SecurityGitOpsGOGuardrailsIAMIdentity And Access ManagementInfrastructure As CodeJWT ValidationKubernetesLoggingMTLSMulti-tenant Token DesignNetworkingNetwork PoliciesOAuth 2.1OIDCPKIPythonRate LimitingRBACSecrets ManagementSecure Data IngestionThreat ModelingVPC

Explore related jobs

More jobs at xdof

Similar Admission Controllers jobs

Browse these categories

AWS JobsEmbedded Systems JobsGO JobsIAM JobsInfrastructure As Code Jobs