Sr. Engineer, Software Assurance - Product Security (Cybersecurity)

TL;DR

Senior Software Assurance Engineer (Cybersecurity): Assessing, designing, and implementing security controls and systems for hirify.global's software supply chain with an accent on active threat protection, pipeline hardening, and vulnerability management. Focus on securing open-source usage, improving security posture, and leading large-scale security initiatives across engineering.

Location: Remote (US)

Company

hirify.global is a global leader in cybersecurity, dedicated to stopping breaches with its advanced AI-native platform.

What you will do

• Assess risk and provide security guidance to engineers across the company on systems and software implementations.
• Design and implement tools and processes to secure and monitor software build pipelines, including signing.
• Harden open source code usage, development, and distribution.
• Investigate systems and applications to understand and improve security posture.
• Advocate for best-security practices to the entire engineering organization.
• Manage end-to-end delivery of large-scale, cross-cutting security initiatives to harden hirify.global software supply chain systems and processes.

Requirements

• Experience working in an engineering role designing, implementing, and supporting security systems.
• Experience working with and securing configurations of Linux and/or other Unix-like variants.
• Proficiency in one or more common scripting languages, such as shell, Python, Golang, javascript.
• Domain knowledge of networking, software development lifecycle management, secure coding practices and reviews, and system hardening.
• Understanding of software build pipeline applications, systems, and processes.
• Working experience with CICD pipelines and associated tools like Jenkins, Argo CD.
• Experience leading large, cross-team projects and initiatives.
• Familiarity with TLS best practices, ciphers, software signing operations, and public/private key infrastructure implementations and security.

Nice to have

• Experience with common monitoring or log aggregation tools such as LogScale, Splunk, DataDog, Prometheus.
• Experience with source control management tools like GitHub, BitBucket.
• Experience with common artifact storage tools like Artifactory and S3.
• Experience working in and secure configurations of large-scale cloud platforms with highly concurrent systems.
• Self-motivated to identify security problems and engage with teams to find solutions.
• Efficient communicator with strong writing skills, experience working remotely.
• Experience scripting groovy pipelines and using REST APIs.
• Experience working at a very large scale.

Culture & Benefits

• Market leader in compensation and equity awards.
• Comprehensive physical and mental wellness programs.
• Competitive vacation and holidays for recharge.
• Paid parental and adoption leaves.
• Professional development opportunities for all employees.
• Employee Networks, geographic neighborhood groups, and volunteer opportunities to build connections.
• Vibrant office culture with world class amenities.
• Great Place to Work Certified™ across the globe.