Xometry
Web Application Security Engineer, Vulnerability Remediation
Full details on LinkedIn
The complete job description, requirements, and application details are available on the original posting.
About Xometry
Xometry is an AI-powered on-demand industrial parts marketplace that connects engineers, designers, and manufacturers through a digital platform. Founded in 2013 and headquartered in North Bethesda, Maryland, the company went public in 2021 and trades on the Nasdaq under the symbol XMTR. Xometry serves over 43,000 buyers, including about 30% of the Fortune 500, and has a network of 5,000 sellers, facilitating the manufacture of more than 6 million unique parts. The company operates a proprietary platform that allows customers to submit CAD files and specifications for instant quoting and manufacturability feedback. Xometry offers six core manufacturing processes: CNC machining, 3D printing, injection molding, urethane casting, sheet metal fabrication, and die casting and weldment fabrication. The platform provides 24/7 access to pricing and lead times, with a variety of materials and finishes available. Xometry has also expanded its offerings through strategic acquisitions, enhancing its capabilities and services in the manufacturing sector.
Security at Xometry
Compiled from public job postings, careers pages, and company materials. Data may not reflect current state — verify during interviews.
Security Philosophy
“Xometry's AppSec philosophy emphasizes external validation through third-party penetration tests to ensure application security. They enforce strong access controls by requiring multi-factor authentication for platform access. Their approach includes proactive vulnerability management, as evidenced by job responsibilities for SAST analysis and remediation. Furthermore, they aim for a shift-left strategy by integrating security into CI/CD pipelines and building security guardrails, including for AI tools. However, explicit statements regarding their AppSec mission, developer enablement approach, or detailed risk philosophy are not publicly available.”
Security Team
Xometry operates a dedicated Security Operations team responsible for data protection. The company has approximately 1,247 employees. While public job postings indicate active hiring for roles like Security Engineer (with SAST analysis responsibilities) and Staff Security Architect (focused on CI/CD integration and AI security guardrails), an authoritative AppSec-specific headcount, organizational chart, or specific public-facing leaders with quotes are not publicly available. The search queries included 'Tarit Mitra Xometry' and 'Brendan Hamilton Xometry', but no specific leadership information was found in the provided findings.
Key Initiatives
Xometry engages in several security initiatives, including regularly scheduled third-party penetration tests to ensure application security and requiring multi-factor authentication for platform access. They have achieved CMMC Level 2 certification. The company partners with Okta for workforce identity, which has enabled automation of identity lifecycles. Their development practices include integrating security into CI/CD pipelines and building security guardrails, with responsibilities for SAST analysis and remediation. There is no public evidence of a specific 'Security Champions' program, nor detailed information on vulnerability triage or remediation SLAs.