Principal Security Engineer

TL;DR

Principal Security Engineer (Cybersecurity): Leading and executing security transformation initiatives for enterprise clients, focusing on cloud security, application security, and vulnerability management. Focus on conducting forensic investigations across cloud platforms, architecting robust security solutions, and integrating security best practices throughout the development lifecycle.

Location: Remote from the United Kingdom

Company

hirify.global is a product company passionate about creating better work experiences for people everywhere through its global office locations and flexible work culture.

What you will do

• Lead and execute security transformation initiatives for enterprise clients, focusing on cloud security, application security, and vulnerability management.
• Conduct forensic investigations across cloud platforms (AWS, Azure, GCP), including containerized environments like Kubernetes.
• Serve as a primary client-facing security expert, building strong relationships and communicating complex technical concepts to technical and non-technical stakeholders.
• Architect, design, and implement robust security solutions for cloud-native and traditional applications.
• Develop and implement secure software development lifecycles (SSDLC) and drive automated security testing.
• Mentor other security engineers, provide technical leadership, and stay updated on the latest security trends, threats, and technologies.

Requirements

• Bachelor’s degree in Computer Science, Cyber Security, Risk Management, or a related field (Master’s preferred).
• 10+ years of experience in information security, including securing cloud environments (Azure/GCP), application security, and security operations.
• Deep expertise in network and infrastructure security within major cloud platforms, including IAM, network configuration, and cloud-native security tools.
• Hands-on experience with vulnerability management, penetration testing, and common attack vectors; familiarity with SAST, DAST, and SCA tools, and strong understanding of the OWASP Top 10.
• Proficiency in scripting and automation (e.g., Python, PowerShell, Bash) and forensic tools (e.g., EnCase, FTK) for streamlining investigations.
• Relevant certifications required: CISSP.

Nice to have

• Certifications such as CCSP, OSCP, CISM, or cloud-specific credentials (e.g., Google Cloud Security Engineer, Azure Security Engineer, AWS Security Specialty).
• Experience with Infrastructure-as-Code (IaC) tools like Terraform, CloudFormation, or ARM templates to automate security controls.
• Familiarity with container security and orchestration (Docker, Kubernetes).
• Knowledge of DevSecOps principles and integrating security into CI/CD pipelines.

Culture & Benefits

• Generous PTO and flexible work schedules.
• Remote work opportunities and paid company holidays, including hirify.global Quiet Fridays (no non-essential internal meetings).
• A casual dress work environment.
• For US-based team members: competitive salaries, medical, dental, and vision coverage, disability coverage, employer-paid life insurance, mental health resources, 401(k) plan, and a fully paid parental leave program.