Senior Security Engineer (Privacy)

TL;DR

Senior Security Engineer (Privacy): Serving as a trusted advisor to embed security, privacy, and engineering principles into products and platforms, ensuring governance, risk, compliance, and data protection. Focus on designing and maintaining automated workflows for risk management, compliance monitoring, and data protection assessments, while influencing product strategy and technical design decisions.

Location: Remote (Canada, England, France, Germany, Italy, Portugal, Spain, United States)

Salary: $147,200–$184,000 USD

Company

hirify.global makes app development easier for over 20 million monthly users, operating as a remote-first, fast-growing startup trusted by various companies.

What you will do

• Embed privacy-by-design principles into hirify.global products, services, and internal platforms, aligned with ISO/IEC 27001, ISO/IEC 27701, SOC 2, and global privacy regulations.
• Partner with engineering and product teams to integrate privacy requirements into architecture decisions, SDLC, and CI/CD pipelines.
• Design, develop, and maintain automated GRC and privacy workflows for compliance monitoring, risk assessments, and audit readiness.
• Lead data discovery, classification, and data mapping across systems to support data lifecycle governance.
• Conduct security risk assessments and Data Protection Impact Assessments (DPIAs), integrating findings into remediation tracking.
• Build and maintain dashboards and security/privacy metrics for real-time visibility into risk and compliance posture.

Requirements

• 6–8 years of experience in information technology, security engineering, GRC, or privacy engineering.
• Proven experience designing and implementing GRC programs with an emphasis on automation and scalable processes.
• Hands-on experience implementing or operating privacy programs aligned with GDPR and ISO/IEC 27701.
• Proficiency in Python or Golang for building automation for compliance and privacy workflows.
• Hands-on experience with public cloud environments (AWS, Azure, or GCP) and applying data protection controls.
• Solid understanding of security frameworks like ISO 27xxx, SOC 2, GDPR, and NIST in SaaS environments.
• hirify.global does not offer visa sponsorship for this role.

Nice to have

• Relevant industry certifications such as CISSP, CISA, CRISC, CIPP/E, CIPM, CIPT, or ISO/IEC 27701 Lead Implementer or Auditor.

Culture & Benefits

• Freedom and flexibility to fit work around your life.
• Designated quarterly Whaleness Days plus an end-of-year break.
• Home office setup allowance to ensure comfort while working remotely.
• 16 weeks of paid parental leave.
• Technology stipend equivalent to $100 net/month.
• PTO plan that encourages taking time off for personal enjoyment.