Senior IT Engineer

About XBOW

At XBOW, we’re redefining the future of cybersecurity by building the world's first autonomous pentester, powered by AI. Today, the gold standard for securing software systems is human pentesters, but with the rise of artificial intelligence, we’re stepping up to scale offensive security to meet the ever-growing demand.

AI is transforming the landscape of both cybersecurity and cyberattacks. While millions of people without security expertise are creating software, bad actors are using AI to launch more effective attacks. XBOW fights back with AI-driven superpowers, enabling security teams to stay one step ahead.

What makes XBOW truly unique? Like human experts, it forges creative attacks, adapts its learnings, and continuously works to find vulnerabilities faster than anyone ever could. We’re not only simulating threats—we’re also finding and responsibly disclosing real-world vulnerabilities, ensuring organizations can fix issues before they’re exploited. XBOW isn’t just a tool; it’s a transformative force in the secure development lifecycle.

Backed by Sequoia Capital and a team that includes the creators of GitHub Copilot and GitHub Advanced Security, XBOW is not just keeping up with the times—we’re shaping the future of cybersecurity. Our mission is simple: to defeat the bad actors before they strike, using AI to revolutionize how we approach offensive security.

We’re building something that must be built, and we’re the team to do it. Join us in shaping the next frontier of autonomous security.

Your Role: Senior IT Engineer

We’re looking for an experienced, hands-on Senior IT engineer to support and secure our internal systems, infrastructure, and workforce. You’ll help onboard new team members, manage devices and access, automate workflows, and ensure our compliance and security posture remains strong as we grow.

This is a deeply technical, individual contributor role. You’ll work across IT, devops, and internal security, partnering closely with engineering, legal, and leadership to keep our environment secure and efficient.

What You'll Do

• Design, deploy, and maintain:

  • End-user environments (laptops, device management including our MDM)

  • Identity and access management (SSO, MFA, RBAC)

  • Networking (Wi-Fi, VPN, firewalls, DNS)

  • Own SaaS tooling stack (Okta, Google Workspace, Slack, GitHub, 1Password, etc.)

  • Select tools with an eye toward cost, security, and scale

• Enable us to scale by automating IT tasks:

  • Write scripts (e.g. Python / Bash) to eliminate manual work

  • Provisioning and deprovisioning

  • Device configuration

  • Access requests

  • Integrate systems via APIs where possible

• Implement and enforce:

  • Endpoint security (EDR, patching, disk encryption)

  • Identity security (MFA, least privilege)

  • Secure onboarding/offboarding processes

  • Asset inventory

  • Vulnerability awareness

  • Support compliance efforts (SOC 2, ISO 27001, etc.) if/when needed

• Collaborate with engineering on IAM, AWS environment security, and internal tooling

• Monitor and respond to internal IT / Security events and incidents

• Document processes, playbooks, and policies to support a growing company

• Support developers with secure, reliable access to infrastructure and tools

Who You Are

• 5+ years of experience in IT or a devops roles

• Comfortable writing scripts to support automation and working with configuration management tools

• Proficient with mobile device management (e.g. Mosyle, Jamf) and endpoint provisioning

• Hands-on experience with Okta, Google Workspace, and cloud IAM (especially AWS)

• Experienced in managing access, authentication, and endpoint security across distributed teams

• Familiar with compliance requirements such as SOC 2, and comfortable aligning practices accordingly

• Security-minded and detail-oriented, with experience responding to incidents and hardening systems

• Proactive communicator who thrives in fast-paced, remote-first environments

Bonus Points

• Experience supporting engineering teams and developer tooling

• Familiarity with modern Mac fleet management

• Background at a startup or helping a company go from early stage to audit-ready

What We Offer

• Compensation & Equity: Competitive salary and meaningful stock options.

• Growth: Opportunity to learn from and collaborate with top security and AI experts

• Impact: Work on complex technical challenges that support the foundation of our company

• Remote-First:Work from anywhere, with regular opportunities to meet in person

What Else You Should Know

• Location: Remote US East Coast preferred (all team members are remote but we meet regularly and you’re supported to travel to collaborate with colleagues in person)

• Contract: Full-time.

• Hiring Process:

  1. Talent Introduction

  2. HM Interview

  3. 1 hour Technical Interview (Coding Exercise)

     • Progressing requires participating in a coding exercise. The sample code wouldn’t need to be fully functional if you're unfamiliar with a specific library, but we’d expect to see clear pseudo-code that demonstrates structure, logic, and problem-solving (Terraform experience is a plus).

  4. Final Interview as needed

We’re a security company that builds with AI at the core - so you’ll be protecting a team that moves fast, iterates aggressively, and lives in the command line. If that sounds like your kind of environment, let’s talk.