xometry

Staff Cyber Resilience Engineer

Preview — apply on company site for full detailsApply Now

At a Glance

Location: Denver, Colorado, United States
Work Regime: hybrid
Experience: 8+ years
Compensation: r new hires into this role is $205,000- $233,000 annually + annual bonus depen
Posted: 2026-03-24T15:48:02-04:00

Key Requirements

Required Skills

AWSAzureCI/CDGCPKubernetesPythonTerraform

Domain Knowledge

Engineering
Government
Insurance
Medical

Benefits & Perks

Health Insurance

medical, dental and vision insurance; life and disability insurance; generou

Requirements

8+ years of experience in complex cloud environments (any of AWS/GCP/Azure), including at least 3 years in AWS. EKS/Kubernetes experience is a strong plus.

You should be able to modularize complex environments so they are environment-agnostic.

Hands-on familiarity with the Secure Vault pattern: protecting data in a separate, highly restricted AWS account with tight network controls.

Advanced shell scripting and proficiency in either Python or Go to automate restoration tasks that native AWS tooling doesn’t cover.

Experience with CI/CD tooling (Scalr, GitHub Actions, or equivalent) to enable broad adoption of recovery pipelines across the organization.

Proven ability to engineer and automate end-to-end restoration workflows.

Responsibilities

Own Our Recovery Architecture

Design and build our Isolated Recovery Environment — a hardened AWS account with immutable vaults that break the attacker’s kill chain before it reaches our data.

Threat model our environment with a deep understanding of cloud-native attack patterns: IAM privilege escalation, backup deletion, ransomware persistence, and lateral movement across accounts.

Validate and continuously improve backup configurations to ensure recoverability, not just existence.

Standardize and Automate Infrastructure

Lead our transition to 100% Infrastructure as Code.