Role Overview
Nox Metals is hiring a IT and SecOps. This is a full-time role in Detroit. Part of Nox Metals's Qa hiring. Full responsibilities, required qualifications, and the apply link are listed in the description below.
Salary Context
Salary is not disclosed in this posting. Market median for Qa roles is $80k-$120k (based on 104 comparable listings). Many employers share specifics during the interview process or after an initial screen.
Resume Keywords to Include
Make sure these keywords appear in your resume to improve ATS scoring
Job description
IT and SecOps | Nox Metals | Detroit, MI
American factories deserve a supply chain that moves as fast as they do. The next generation of American manufacturing is being built right now. Nox Metals is the supply chain behind it.
Nox Metals is a technology company in Detroit supplying aluminum plate, bar, and rounds to aerospace and defense manufacturers. We use software and automation to supply metal to American factories faster than the industry thought possible.
We need an IT and SecOps lead to own every laptop, every account, every network, every endpoint, and every byte of customer data. Our customers are aerospace and defense manufacturers. Their security expectations are our floor, not our ceiling. Nox Metals is an employer with real opportunity for long term career growth, this is a place to build a career, not just hold a job.
You will:
- Own IT and SecOps end to end as a solo IC across the entire company, office, factory, and field
- Own CMMC compliance end to end, build it, run it, audit it, certify it, defend it
- Own NIST 800-171 controls, DFARS 7012 cyber requirements, and all customer-driven security obligations
- Build and maintain the System Security Plan (SSP), POA&M, and every artifact CMMC and customer audits demand
- Own identity and access management, SSO, MFA, provisioning, deprovisioning, least privilege across every system
- Own endpoint management, MDM, EDR, patching, encryption, and asset inventory across every laptop, desktop, and shop floor device
- Own network infrastructure, firewalls, segmentation between IT and OT, VPN, Wi-Fi, and remote access
- Own the OT side of the house, segment and harden CNC controllers, saw HMIs, and PLCs from the corporate network
- Own cloud security across our SaaS stack, Supabase, GitHub, Microsoft 365, and every tool we run
- Own backup, disaster recovery, and business continuity, test it, do not just document it
- Run vulnerability management, log monitoring, and incident response, fix it once and fix it for good
- Own employee onboarding and offboarding from an IT and security standpoint, day one access ready, day-of departure access cut
- Run security training and phishing simulations across the company
- Build dashboards and reports on patch compliance, endpoint health, identity hygiene, and incident metrics
- Partner with the software team to embed security into NOX NEST, WAYNE, and our internal tools
- Always ask questions, never guess when something is unclear
- Look at every process and figure out how to make it better
- Work safely every shift and hold your teammates to the same standard
You should be:
- 3 to 4+ years owning IT and security in a manufacturing, defense, aerospace, or comparable regulated environment
- Deep experience owning CMMC, NIST 800-171, and DFARS 7012 from the inside, you have built the SSP, run the controls, and passed assessments
- Fluent in identity, endpoint, network, cloud, and OT security as a single integrated stack
- Experienced segmenting IT and OT networks in a real factory, not just on paper
- Comfortable as a solo IC, you own the function end to end and pick the tools we run on
- Cracked with software, scripting, and automation, you do not click through 200 user accounts when a script will do it
- Calm under pressure when an incident happens, methodical when running root cause
- High attention to quality, every control, every log, every access review
- Always thinking about how to make processes better, you do not accept "this is how we have always done it"
- Absolutely customer obsessed, our security posture is how customers trust us with their data and their parts
- A team player with a good attitude, you make the company better for everyone around you
- Someone who takes ownership, if it has a chip in it, it is your responsibility
- Precise under pressure and reliable, security does not bend for a deadline
- Organized and detail oriented, audit-ready every day, not just on audit day
- Committed to safety, you follow every protocol, wear your PPE, and never cut corners that put people at risk
- High agency, you handle big items alone and ask for help when needed
- Low ego, you do the unglamorous work because it needs to get done
- Able to lift up to 50 lbs and handle physical IT work, racks, cables, shop floor hardware
- Not afraid to work outside normal hours when America demands it
- Never says "that's not my job"
Nice to have
- Experience in metals, aluminum, or aerospace/defense supply chains
- CISSP, CISM, Security+, or comparable security credentials
- Hands-on experience with Microsoft 365 GCC or GCC High environments
- Background segmenting and hardening OT networks (CNC, PLC, HMI environments)
- Track record passing a CMMC Level 2 third-party assessment
- Comfortable using AI tools to work faster and smarter
This role is full time, in person in Detroit.
About Nox Metals
Frequently Asked Questions
How do I apply for the IT and SecOps position at Nox Metals?
Use the Apply button above to submit your application directly to Nox Metals. Most applications take less than 5 minutes if your resume and contact details are ready, and you'll be routed to the employer's official application system to finish.
Where is the IT and SecOps position at Nox Metals located?
This position is based in Detroit. Nox Metals has not indicated remote or hybrid options for this role, so candidates should plan for on-site work.
What does a IT and SecOps at Nox Metals earn?
Nox Metals has not disclosed a salary range in this posting. Many employers share specifics later in the interview process; you can also ask during a recruiter screen if compensation transparency is important to you.
When was the IT and SecOps role at Nox Metals posted?
This role was posted on April 26, 2026 (74 days ago). It's still listed as actively hiring; we re-confirm openings against the source system multiple times per day and remove closed roles.
Similar Jobs
More Jobs at Nox Metals
View all →AI-powered job search
Get every job scored to your resume
Upload your resume and get jobs ranked, your resume tailored, and employee contacts found automatically.
Get started freeNo credit card to start