Senior Manager, Security Risk (Cybersecurity)

TL;DR

Senior Manager, Security Risk Management (Cybersecurity): Leading and evolving hirify.global's global security risk function, focusing on integrating security risk approaches into R&D and IT lifecycles within a complex microservices and hybrid cloud environment. Focus on operationalizing advanced risk frameworks, developing high-impact executive-level reporting, and optimizing workflows for pragmatic risk solutions.

Location: Remote, must be based in the US.

Salary: $243,680 - $304,600 USD (San Francisco Bay area, California)

Company

hirify.global is a remote-first product company shaping the future of communications, delivering innovative solutions to businesses and empowering millions of developers worldwide.

What you will do

• Lead, mentor, and grow a diverse team of international and domestic risk analysts, fostering a culture of excellence and continuous development.
• Conduct and oversee complex risk assessments across microservices architectures, cloud-native environments, and on-premise telecommunications systems.
• Operationalize and mature the One hirify.global Risk Management framework, integrating compliance and focusing on emerging areas like AI Risk, Data Governance, and Privacy.
• Develop and deliver high-impact, executive-level risk reporting, translating technical vulnerabilities into actionable business insights.
• Identify and design efficient process workflows within Jira and GRC tools to automate risk intake, tracking, and remediation.
• Act as a primary point of contact for external auditors and regulators, clearly articulating hirify.global’s risk posture.

Requirements

• Experience: 8+ years in Cybersecurity or Information Security, with at least 4+ years in a people management role leading international teams.
• Deep understanding of hybrid cloud environments (AWS/GCP), on-premise infrastructure, and microservices, with a preference for telecommunications sector experience.
• Proven track record of implementing and maturing risk frameworks (e.g., NIST RMF, ISO 3100), with specific experience in AI Risk Management or Data Governance frameworks.
• Power-user level proficiency in Jira for workflow orchestration and experience with security tooling (e.g., Wiz, Orca, Snyk) and GRC platforms (e.g., LogicGate, Archer, ServiceNow).
• Exceptional written and verbal communication skills, with a proven ability to present complex risk topics to non-technical executive audiences.
• Proven ability to adapt to company culture while driving necessary change and maturity, balancing risk mitigation with business velocity.

Nice to have

• Deep fascination with how AI is changing the threat landscape and ideas on how to govern it without stifling innovation (e.g., NIST AI RMF or ISO 42001).
• Ability to help the business define and document specific risk appetite statements beyond basic High/Medium/Low classifications.
• Skill in quantifying the cost of a security control versus the value of the risk it mitigates.
• Experience integrating threat modeling into the early stages of a CI/CD pipeline.
• Familiarity with Infrastructure as Code (IaC) for implementing "policy-as-code".
• Product Security mindset, with experience prioritizing security features in a roadmap alongside revenue-generating features.

Culture & Benefits

• Remote-first work environment with a strong culture of connection and global inclusion.
• Utilizes Artificial Intelligence (AI) to ensure an efficient, fair, and transparent hiring process, with human decision-making for final calls.
• Offers competitive pay, generous time off, ample parental and wellness leave, healthcare, and a retirement savings program (401k).
• Empowers employees to build positive change in their communities through volunteering and donation support.
• Promotes hirify.global Magic values, encouraging problem-solving, initiative, and trying new things.