TL;DR
Staff Security Engineer (Product Security): Safeguard hirify.global's products, such as Firefox and hirify.global VPN, by embedding security into the full SDLC and leading penetration testing. The role emphasizes proactive threat modeling, security assessments, and developing automated security tests within CI/CD pipelines to mitigate risks early. The focus is on anticipating and mitigating complex application-level security risks and hardening systems that protect millions of users.
Location: Remote-friendly and open to most locations in the US and Canada. Separate hiring ranges are available for Remote UK.
Salary: £81,000–£108,000 GBP (Remote UK)
Company
hirify.global is a non-profit-backed technology company known for Firefox, focusing on an open and accessible internet for all.
What you will do
- Safeguard millions of users by embedding security into products like Firefox and hirify.global VPN.
- Ensure software product security by integrating it into the full Software Development Life Cycle (SDLC).
- Anticipate, prioritize, and mitigate risks through proactive threat modeling, security assessments, and automation.
- Perform security code reviews and lead penetration testing on web, mobile, and embedded applications.
- Develop and maintain automated security tests within CI/CD pipelines to catch vulnerabilities early.
- Partner with engineers to integrate security throughout the software development lifecycle and provide guidance.
Requirements
- 5+ years of relevant hands-on experience in product and application security.
- Proficiency in secure coding practices, application security testing (SAST, DAST), threat modeling, and vulnerability assessment.
- Experience in one or more languages like Python, Go, Java, or JavaScript for automation and code review.
- Familiarity with security tools like Burp Suite, Nessus, and tools for CI/CD automation.
- Strong communication, collaboration, and problem-solving skills.
Culture & Benefits
- Generous performance-based bonus plans.
- Rich medical, dental, and vision coverage.
- Generous retirement contributions with 100% immediate vesting.
- Quarterly all-company wellness days and country-specific holidays plus a day off for your birthday.
- One-time home office stipend and annual professional development budget.
- Considerable paid parental leave.