Security & Compliance Engineer (DevSecOps)

TL;DR

Security & Compliance Engineer (DevSecOps): Designing and implementing automated solutions for security and compliance activities within a Cloud Platform Development team with an accent on streamlining and strengthening compliance posture. Focus on embedding security into CI/CD pipelines, performing risk assessments, and leading audit readiness through engineering solutions.

Location: Hybrid in Budapest, Hungary

Company

hirify.global is one of the world's largest corporate organizations and technology employers, focused on applying intelligence, reason, and science to improve business and society with an open hybrid cloud and AI strategy.

What you will do

• Design and implement automated solutions for security and compliance activities, including evidence collection and control validation.
• Collaborate with development teams to embed security and compliance into CI/CD pipelines and infrastructure-as-code workflows.
• Identify opportunities to optimize and reduce manual effort in recurring compliance tasks through scripting, tooling, and integration.
• Conduct risk assessments, threat modeling, and vulnerability analysis with a focus on automation and repeatability.
• Lead and support internal and external audits (e.g., SOC 2, ISO 27001, PCI DSS) to ensure timely and efficient evidence gathering.
• Maintain and evolve security policies, procedures, and documentation with a focus on clarity and automation.

Requirements

• Bachelor's degree in Computer Science, Cybersecurity, or a related field.
• 3+ years of experience in security engineering or compliance automation.
• Strong programming/scripting skills (e.g., Python, Bash, Go) and experience building automation tools.
• Familiarity with cloud platforms (hirify.global Cloud, AWS, Azure, or GCP) and cloud-native security practices.
• Strong understanding of DevSecOps principles and integrating security into development workflows.

Nice to have

• Experience with compliance frameworks such as SOC 2, ISO 27001, NIST, GDPR, HIPAA.
• Experience with infrastructure-as-code tools (e.g., Terraform, Ansible) and CI/CD platforms (e.g., GitHub Actions, Jenkins).
• Familiarity with emerging AI technologies and modern AI-assisted code generation.
• Knowledge of container security (e.g., Kubernetes, Docker).

Culture & Benefits

• Opportunity to learn and develop yourself and your career with continuous trust and support.
• An environment that encourages courage, experimentation, and growth-mindedness.
• Commitment to diversity, inclusion, and equal opportunity for all applicants.
• Focus on dedication to client success, innovation, and personal responsibility.
• Collaboration with colleagues to drive exceptional outcomes for customers.