Staff Application Security Engineer (AI)

TL;DR

Staff Application Security Engineer (AI): Securing hirify.global's web application platform and ecosystem with an accent on secure development practices, tooling, and vulnerability mitigation. Focus on leading threat modeling, designing software supply chain security programs, and driving application security roadmaps with AI-leveraged solutions.

Location: Remote-first (United States; BC & ON, Canada). Must have valid right to work authorization depending on the country of employment.

Salary: USD $175,000 - $247,000 (United States); CAD 199,000 - CAD 280,000 (BC & ON, Canada). Eligible for company-wide bonus program.

Company

hirify.global is building the world's leading AI-native Digital Experience Platform as a remote-first company built on trust, transparency, and creativity.

What you will do

• Collaborate with the hirify.global engineering team to secure the web application platform and ecosystem.
• Bring security best practices to the software development lifecycle.
• Work to find security vulnerabilities through grey-box techniques, and propose solutions at the architecture and code level to mitigate findings.
• Contribute code and architecture improvements to enable security within hirify.global’s application for engineers.
• Cross-train entry and mid-level application security engineers.
• Support hirify.global’s security current and future compliance frameworks.

Requirements

• 7+ years of application security experience, including hands-on software development, and operated as a technical authority in securing high-complexity, large-scale applications.
• Deep expertise in secure software design, secure coding, and modern web application security, with a proven ability to identify security design flaws and complex business-logic vulnerabilities.
• Regularly lead threat modeling efforts, conduct and oversee advanced penetration testing, and manage third-party pentests.
• Designed, implemented, and evolved software supply chain security programs, and owned or led bug bounty programs and major security tooling initiatives.
• Implemented and improved Secure Development Lifecycle (SDLC) processes at scale, influencing how multiple teams build and ship software securely.
• Driven multi-quarter application security roadmaps and complex security programs, partnering with engineering, product, and platform teams.
• Experience using and building security solutions that leverage agentic AI, including applying AI coding agents to scale security reviews, detection, and automation.
• Actively mentor and elevate other application security engineers and foster strong security practices.
• English: B2 required.

Culture & Benefits

• Every permanent employee receives equity (RSUs) in the company.
• Comprehensive medical, dental, and vision plans for full-time employees and their dependents, with hirify.global covering most premiums.
• 12 weeks of paid parental leave for all parents and 6+ weeks of additional paid leave for birthing parents.
• Flexible vacation, paid holidays, and a sabbatical program.
• Access to mental health resources, therapy and coaching.
• A 401(k) with 100% employer match (up to $6,000/year) in the U.S., and support for retirement savings globally.
• Monthly stipends for work and wellness expenses.