Staff Security Engineer

TL;DR

Staff Security Engineer (Cybersecurity): Developing and evolving the security architecture for hirify.global's API platform with an accent on cloud technologies, product security best practices, and integration of security into the architecture. Focus on leading threat modeling, risk assessments, evaluating new technologies, and contributing to long-term security strategy.

Location: Hybrid in San Francisco Bay Area, United States (expected to come into the office 3-days a week).

Salary: $250,000–$275,000

Company

hirify.global is the world’s leading API platform, used by over 40 million developers and 500,000 organizations, helping build the API-first world.

What you will do

• Maintain a security architecture framework that supports secure deployment of hirify.global products and services.
• Lead threat modeling and risk assessments to identify security vulnerabilities.
• Evaluate new technologies and architectures from a security perspective.
• Contribute to the development of long-term security strategy and roadmaps.
• Work closely with the SOC to understand gaps in product architecture.
• Mentor and provide guidance to junior security engineers and architects.

Requirements

• 10+ years in a security architecture role with a focus on software products and platforms.
• Experience with securing distributed systems, microservices, and APIs.
• In-depth knowledge of cloud security best practices on AWS, Azure, and Google Cloud.
• Proven leadership in driving security initiatives and integrating security into product development lifecycles.
• Demonstrated knowledge of security frameworks, industry standards, and regulations (EX: ISO 27001, SOC 2, GDPR).
• Hands-on experience with DevSecOps principles and integration of security within CI/CD pipelines.

Nice to have

• Experience with API security, including OAuth, JWT, and OpenID Connect.
• Knowledge of container security (Docker, Kubernetes).
• Familiarity with security automation tools and methodologies (e.g., SAST, DAST, RASP).
• Technical industry certifications such as OSCP, GPEN.

Culture & Benefits

• Hybrid work model with 3 days in-office for specific locations.
• Comprehensive benefits including full medical coverage, flexible PTO, and wellness reimbursement.
• Monthly lunch stipend and wellness programs for physical and mental health.
• Frequent team-building events and donation-matching program.
• Inclusive work culture valuing transparency, honest communication, and specific goals.