Senior Security Engineer (AI)

TL;DR

Senior Security Engineer (AI): Leading the integration of security best practices into software development and deployment pipelines with an accent on secure CI/CD, cloud architecture, and Kubernetes security. Focus on building automated environments, securing ML/AI workflows, and implementing threat mitigations across multi-cloud infrastructure.

Location: Onsite in Cambridge, MA, USA

Salary: $144,000–$210,000 USD per year

Company

hirify.global is pioneering a scientific superintelligence platform and autonomous lab for life, chemistry, and materials science, applying AI to accelerate discoveries in health, climate, and sustainability.

What you will do

• Secure CI/CD pipelines with build attestations, provenance, code signing, SBOM generation, and dependency/secret scanning.
• Implement Infrastructure-as-code security using Terraform/Helm with policy-as-code guardrails (OPA/Kyverno/Checkov) on AWS.
• Develop cloud security controls in AWS, including IAM least privilege, network segmentation, key/secret management, and EKS runtime protections.
• Ensure Kubernetes runtime security through admission controls, policy engines, Pod Security Standards, and RBAC/Network Policies.
• Safeguard the software supply chain using artifact signing, registry governance, vulnerability management, and automated remediation.
• Embed security in ML/AI and data workflows, focusing on secure data movement/storage, encryption, and isolation for training/inference.
• Conduct threat modeling with engineering teams for AISF components and implement effective mitigations.
• Build detection-as-code and response playbooks for cloud and Kubernetes, integrating with SIEM/SOAR.

Requirements

• Certification in Kubernetes Security.
• 5–8+ years in Security Engineering/DevSecOps with deep experience across CI/CD (GitHub Actions/GitLab CI/Jenkins), cloud, containers, and IaC (Terraform, Helm/Kustomize).
• Demonstrated ownership of secure-by-default pipelines and production Kubernetes hardening.
• Proficiency with policy-as-code (OPA, Kyverno, Checkov).
• AWS security depth across EKS, IAM, KMS, VPC/PrivateLink, ECR, S3, and logging/monitoring stacks.
• Supply chain security experience including SBOMs (CycloneDX/SPDX), image signing (Cosign), and SLSA-aligned provenance; vulnerability and secret scanning.
• Strong coding for automation and tooling in Python or Go, plus bash proficiency; experience integrating cloud/K8s telemetry with SIEM/SOAR.

Nice to have

• Experience securing ML/AI pipelines (feature stores, model registries, training clusters, inference gateways) and scanning ML artifacts.
• Knowledge of confidential computing/GPU isolation and privacy-enhancing technologies.
• Experience with Edge/IoT or lab device security (secure gateways, cert provisioning, zero trust patterns).
• Familiarity with regulated/audit-heavy environments (SOC 2, ISO 27001).
• SRE-adjacent skills applied to security controls (observability, reliability, chaos/scenario exercises).
• Prior startup/high-growth experience enabling developer velocity with strong guardrails.

Culture & Benefits

• Competitive base salary, bonus potential, and generous early equity.
• Commitment to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status.
• Opportunity to contribute to a pioneering scientific superintelligence platform and autonomous lab.
• Solve humankind's greatest challenges in human health, climate, and sustainability.