Security Engineer at XDOF

San Francisco, California, United States -

Full Time

Start Date

Immediate

Expiry Date

10 Jul, 26

Salary

0.0

Posted On

11 Apr, 26

Experience

5 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

Skills

AWS, IAM, Python, Go, Kubernetes, Infrastructure-as-Code, GitOps, API Security, Threat Modeling, DDoS Protection, RBAC, Network Security, Firmware Security, Embedded Systems, SOC 2 Compliance, Robotics

Industry

Description

Security Engineer At xdof, we’re at an inflection point. Frontier labs are racing to build general-purpose robots, and high-quality training data is the bottleneck. We’re building the foundation behind the foundation models – the data collection systems, operational capability, exabyte-scale data warehouse, and software toolchain – to help our partners drive the field forward. As more enterprise partners depend on our platform, security is infrastructure. We’re looking for a Security Engineer to own the security posture of our AWS environment and the external-facing platform our B2B customers integrate with every day. We’re early-stage, so you’ll have broad scope for security ownership across the stack. What You’ll Do Security engineers build the controls and trust layer that let our platform scale safely. Sample projects include: designing and enforcing IAM policies and permission boundaries so every user and service operates at minimum privilege hardening the external APIs our partners integrate with, including auth flows, threat modeling, rate limiting, and DDoS protection architecting secure AWS infrastructure with IaC and automated guardrails that catch misconfigurations before production securing Kubernetes clusters through RBAC, network policies, admission controllers, and secrets management addressing lower-level concerns such as firmware pipelines, on-device security, or secure data ingestion from robotics hardware About You Baseline skills: 5+ years in security engineering or software engineering with a strong security focus deep hands-on experience with AWS security primitives (IAM, SCPs, VPCs, networking, logging, and encryption services) track record securing external-facing APIs and platforms in a B2B context proficiency with Infrastructure-as-Code and a GitOps-driven approach to managing environments fluency with Python or Go You might be a good fit if you: have experience with embedded systems, firmware security, or securing hardware-software interfaces have prior experience in robotics, IoT, or environments where cloud platforms meet physical devices have familiarity with SOC 2 compliance and experience automating evidence collection and audit preparation have worked across multiple security domains (network, application, infrastructure, device) and enjoy context-switching are very comfortable working in 0→1 environments are mission-driven and passionate about robotics: work at xdof is fast-paced and constant. We hope you love what you’re going to be doing, because you’ll be doing a lot of it!

Responsibilities

The Security Engineer will own the security posture of the AWS environment and external-facing B2B platform. Responsibilities include designing IAM policies, hardening APIs, architecting secure infrastructure with IaC, and managing Kubernetes security.