IT and SecOps

IT and SecOps | Nox Metals | Detroit, MI

American factories deserve a supply chain that moves as fast as they do. The next generation of American manufacturing is being built right now. Nox Metals is the supply chain behind it.

Nox Metals is a technology company in Detroit supplying aluminum plate, bar, and rounds to aerospace and defense manufacturers. We use software and automation to supply metal to American factories faster than the industry thought possible.

We need an IT and SecOps lead to own every laptop, every account, every network, every endpoint, and every byte of customer data. Our customers are aerospace and defense manufacturers. Their security expectations are our floor, not our ceiling. Nox Metals is an employer with real opportunity for long term career growth, this is a place to build a career, not just hold a job.

You will:

Own IT and SecOps end to end as a solo IC across the entire company, office, factory, and field

Own CMMC compliance end to end, build it, run it, audit it, certify it, defend it

Own NIST 800-171 controls, DFARS 7012 cyber requirements, and all customer-driven security obligations

Build and maintain the System Security Plan (SSP), POA&M, and every artifact CMMC and customer audits demand

Own identity and access management, SSO, MFA, provisioning, deprovisioning, least privilege across every system

Own endpoint management, MDM, EDR, patching, encryption, and asset inventory across every laptop, desktop, and shop floor device

Own network infrastructure, firewalls, segmentation between IT and OT, VPN, Wi-Fi, and remote access

Own the OT side of the house, segment and harden CNC controllers, saw HMIs, and PLCs from the corporate network

Own cloud security across our SaaS stack, Supabase, GitHub, Microsoft 365, and every tool we run

Own backup, disaster recovery, and business continuity, test it, do not just document it

Run vulnerability management, log monitoring, and incident response, fix it once and fix it for good

Own employee onboarding and offboarding from an IT and security standpoint, day one access ready, day-of departure access cut

Run security training and phishing simulations across the company

Build dashboards and reports on patch compliance, endpoint health, identity hygiene, and incident metrics

Partner with the software team to embed security into NOX NEST, WAYNE, and our internal tools

Always ask questions, never guess when something is unclear

Look at every process and figure out how to make it better

Work safely every shift and hold your teammates to the same standard

You should be:

3 to 4+ years owning IT and security in a manufacturing, defense, aerospace, or comparable regulated environment

Deep experience owning CMMC, NIST 800-171, and DFARS 7012 from the inside, you have built the SSP, run the controls, and passed assessments

Fluent in identity, endpoint, network, cloud, and OT security as a single integrated stack

Experienced segmenting IT and OT networks in a real factory, not just on paper

Comfortable as a solo IC, you own the function end to end and pick the tools we run on

Cracked with software, scripting, and automation, you do not click through 200 user accounts when a script will do it