Application Security Engineer (Security)

TL;DR

Application Security Engineer (Security): Preventing and eliminating software vulnerabilities across hirify.global's product suite with an accent on providing design guidance and finding solutions that eliminate classes of vulnerabilities. Focus on making the secure path the easy path for product teams, participating in incident responses, and building tools that prevent vulnerabilities or automate remediation.

Location: Hybrid, must work from offices on Mondays, Tuesdays, and Thursdays in San Francisco, California, or New York, New York.

Salary: $165,000 - $200,000 per year (San Francisco and New York)

Company

hirify.global helps you build beautiful tools for your life’s work by providing one place for teams to get everything done, seamlessly connecting docs, notes, projects, calendar, and email—with AI built in to find answers and automate work.

What you will do

• Define the direction and goals of the Application Security program as an early member of the team.
• Provide design guidance and find solutions that eliminate classes of vulnerabilities.
• Create static and dynamic analysis rules that detect weaknesses in our codebase.
• Provide developers guidance and education on security and privacy best practices.
• Participate in and drive mitigation strategies during AppSec related incident responses.
• Build and maintain tools that prevent vulnerabilities or automate remediation.

Requirements

• Security Architecture expertise: At least 3+ years of experience working with product teams to design and/or build secure software.
• Demonstrated ability to advocate for and lead cross functional projects, partnering with product engineering teams to improve security.
• Pragmatic and business-oriented, with the ability to balance security investments with business outcomes.
• Empathetic communication skills for explaining technical decisions and engaging thoughtfully with other perspectives.
• Comfortable navigating the fast moving, unstructured nature of a hyper-growth startup.

Nice to have

• Participation in bug bounty programs or capture the flag exercises.
• Published reports of vulnerabilities or AppSec related blog posts.
• Involvement in local or regional security user groups or conferences.

Culture & Benefits

• In-person collaboration is essential to hirify.global's culture, with all team members working from the office on designated Anchor Days (Mondays, Tuesdays, and Thursdays).
• hirify.global is committed to providing highly competitive cash compensation, equity, and benefits.
• hirify.global is an equal opportunity employer and considers qualified applicants with criminal histories.