DevSecOps Engineer

Atomic MachinesEitherOnsite

Atomic Machines is ushering in a new era in micromanufacturing with its Matter Compiler (MC) technology. The MC enables new classes of micromachines to be designed and built by offering manufacturing processes and a materials library that is inaccessible to semiconductor manufacturing methods. The MC promises to unlock MEMS manufacturing both for the many device classes that never could be made by semiconductor methods but also to open up entirely new classes. Furthermore, the MC is fully digital in the way 3D printing is digital, but where 3D printing produces parts of a single material using a single process, the MC is a multi-process, multi-material technology: bits and raw materials go in and complete, functional micromachines come out. The Atomic Machines team has also created an exciting first device – one that was only made possible by the existence of the Matter Compiler – that we will be unveiling to the world soon.

Our offices are in Emeryville and Santa Clara, California. About the role:We’re looking for a DevSecOps Engineer who will embed security into our engineering workflows, infrastructure, and software delivery lifecycle. You’ll be instrumental in establishing scalable, secure systems that enable innovation without compromising safety, integrity, or IP.

What You'll Do:

CI/CD and Application Security:
Secure and optimize GitLab CI/CD pipelines to include SAST, DAST, and SCA scanning.
Automate compliance gates and code quality checks in merge workflows.
Integrate security testing into development processes (“shift left”).
Infrastructure and Container Security:
Harden cloud-native infrastructure, particularly AWS, using tools like Terraform and AWS Config.
Enforce container security with tools such as Trivy, Falco, and Kube-bench.
Support Kubernetes or Docker-based environments and ensure runtime protection.
Secrets Management and IAM:
Implement secure secrets management using AWS Secrets Manager, Vault, or equivalent.
Work with engineering teams to scope IAM policies and roles based on least privilege.
Audit, rotate, and monitor credentials for dev pipelines and service accounts.
Threat and Vulnerability Management:
Integrate vulnerability scanning tools (e.g., Rapid7, Snyk) into build and deploy pipelines.
Triage, prioritize, and drive remediation efforts with developers and IT teams.
Monitor runtime environments for anomalous behavior or misconfigurations.
Security Awareness and Enablement:
Deliver security training to engineering teams on secure coding and pipeline hygiene.
Build tools, playbooks, and templates to help engineers adopt secure practices.
Foster a DevSecOps culture through automation, education, and policy alignment.
Compliance and Audit Support:
Support evidence collection and automation for SOC 2, ISO 27001, or NIST 800-53 controls.
Define and implement audit trails in code repos, deployment logs, and configuration management.
Work closely with compliance teams to map technical controls to policy requirements.

What You'll Need:

A first-principles mindset — you question assumptions, reframe problems from the ground up, and approach challenges with a foundational understanding rather than relying solely on precedent.
6-10 years in DevSecOps, Security Engineering, or related roles.
Experience with GitLab CI/CD and infrastructure-as-code (Terraform, CloudFormation).
Strong grasp of AWS security best practices (IAM, VPC, CloudTrail, GuardDuty).
Familiarity with container security, including image scanning and runtime protection.
Proficiency in scripting (Python, Bash, Go) for automation and integration.
Hands-on experience with secrets management, role-based access controls, and policy-as-code.

Bonus Points For:

Certifications: AWS Security Specialty, CISSP, OSCP, GIAC, or similar.
Experience with SOC 2, ISO 27001, or NIST-based controls.
Familiarity with SBOM management, GitOps workflows, or software supply chain security.
Background in R&D-heavy or IP-sensitive environments (e.g., biotech, hardware, advanced manufacturing).
Contributions to open source security projects or DevSecOps tooling.

$155,000 - $175,000 a yearThe compensation for this position also includes equity and benefits.Apply for this job

Life at Atomic Machines

Atomic Machines is redefining humanity’s relationship with matter. We see a future where our tools will allow us to reorganize matter at the atomic level at will, where we will go from bits to atoms for any object or machine that can be designed in alignment with physical laws. We have begun our journey with the development of a robotic manufacturing platform capable of making an entirely new class of micro-electromechanical (MEMS) devices. We are well funded and have exceptionally strong product/market fit and a clear go-to-market path for the device we will make first with our platform. Our platform breaks traditional manufacturing paradigms and constraints, enabling inexpensive rapid prototyping as well as large scale manufacturing with highly compelling economics. \n\nJoining forces with us means becoming part of an incredibly talented, inventive and passionate multi-disciplinary team working on a massive world-changing mission. You will have the opportunity to help define the company from its early days. You’ll be challenged to learn and grow as a builder and a leader as the company itself grows rapidly. And you will receive significant equity compensation - you’ll truly be a company owner and benefit financially from our overall success.

Thrive Here & What We Value1. Fastpaced cross-functional team in an early startup2. Collaborative Environment3. Agile Development Processes4. Dynamic Workplace5. Mission to Radically Advance Humanity's Command over Matter6. Innovation and Advancement7. Rapid Creation at Any Scale8. Exceptional LargeScale Product/Market Fit and Commercial Traction9. CrossFunctional Teams10. Passionate multi-disciplinary team

Related Sub