Principal Product Security Engineer (AppSec)

TL;DR

Principal Product Security Engineer (AppSec): Advising and guiding engineering teams on secure development practices and integrating security into AI/ML capabilities with an accent on hardening software supply chains and CI/CD infrastructure. Focus on leading cross-functional security initiatives, conducting security reviews, and elevating organizational security posture.

Location: As a distributed company, hirify.global offers flexible locations and schedules for many roles. Employment may require an export license for individuals located in or nationals of Belarus, Cuba, Iran, North Korea, Russia, Syria, the Crimea Region of Ukraine, the Donetsk People’s Republic (“DNR”), and the Luhansk People’s Republic (“LNR”).

Salary: $199,700–$315,900 USD. In select locations (Seattle WA, Los Angeles CA, San Francisco Bay Area CA, New York City Metro Area), the range is $239,800–$379,300 USD.

Company

hirify.global, the Search AI Company, helps organizations find answers in real time using AI and data, offering complete cloud-based solutions for search, security, and observability.

What you will do

• Act as a principal advisor and trusted partner to Engineering, providing strategic guidance on secure development practices.
• Develop and integrate guidance, frameworks, and tooling for safely embracing AI/ML capabilities in secure software development.
• Drive cross-functional security initiatives to harden the software supply chain and CI/CD infrastructure.
• Lead security reviews and assessments to identify weaknesses and provide effective mitigation and remediation strategies.
• Mentor and guide engineers and security champions to elevate the organizational security posture.
• Provide leadership and domain expertise in product-related security Incident Response processes.

Requirements

• Proven expertise in secure product development practices spanning the entire Software Development Lifecycle.
• A strong track record to lead large, cross-cutting projects and manage end-to-end delivery of security initiatives.
• Deep technical expertise, including proficiency in programming and scripting languages for vulnerability assessment.
• A demonstrated ability to communicate clearly and effectively across diverse teams and collaborators.

Nice to have

• Experience with any hirify.global products (hirify.globalsearch, Kibana, hirify.global Agent, Beats, hirify.global Cloud, Logstash, hirify.global Security).
• Experience contributing to large open-source projects and engaging with the developer community.
• Experience using, applying, and securing artificial intelligence and machine learning technologies.

Culture & Benefits

• Competitive pay and health coverage for you and your family in many locations.
• Ability to craft your calendar with flexible locations and schedules for many roles.
• Generous number of vacation days each year and a minimum of 16 weeks of parental leave.
• Company-matched 401k with dollar-for-dollar matching up to 6% of eligible earnings.
• Matching up to $2000 for financial donations and 40 hours each year for volunteer projects.
• An inclusive culture committed to diversity and different perspectives.