Security Engineer (Security & Cryptography)

TL;DR

Security Engineer (Security & Cryptography): Embedding security controls into developer workflows and defining cryptography integration patterns with an accent on automating security checks in CI/CD and ensuring GitOps/IaC/Helm patterns align with enterprise security controls. Focus on creating developer-friendly security guardrails and continuously improving security posture with minimal developer friction.

Location: Onsite in Jersey City, NJ, USA

Salary: $110,000–$120,000/year

Company

hirify.global is a global consulting firm specializing in digital transformation for financial services and technology firms, focusing on AI, Cloud, DevOps, Data, and Software Engineering solutions.

What you will do

• Embed security-by-default controls into SDKs, templates, Helm charts, and developer workflows.
• Define cryptography and encryption integration patterns (TLS standards, key management, secrets usage) consumable by teams.
• Integrate automated security checks into CI/CD (SAST, SCA, secrets scanning, container scanning, policy checks).
• Create developer-friendly security guardrails, secure coding patterns, remediation playbooks, and threat-model enablement.
• Ensure GitOps/IaC/Helm patterns align with enterprise security controls (least privilege, provenance, hardened configs).
• Collaborate with platform and DevOps engineers to continuously improve security posture with minimal developer friction.

Requirements

• Experience with DevSecOps Tooling: SAST, SCA, secrets scanning, container image scanning, policy/guardrail checks in CI/CD.
• Expertise in Cryptography & Security Engineering: TLS, PKI basics, encryption at rest/in transit patterns, KMS/HSM concepts.
• Knowledge of Secure SDLC: shift-left practices, secure defaults in templates/SDKs, automated security gating approaches.
• Proficiency in Cloud & Kubernetes Security: IAM least privilege, network/security policies, secure Helm/IaC practices.
• Experience with Vulnerability & Remediation: findings triage, remediation guidance, secure configuration baselines.
• Ability to provide Developer Enablement: security patterns as reusable components, documentation and adoption support.
• Relevant certifications such as OSWE, PWPP, eWPT, CSSLP, or GIAC.
• English: B2 required.
• Work authorization for the US required.

Culture & Benefits

• Highly competitive compensation and benefits package.
• A multinational organization with opportunities for global work within 60 offices in 20 countries.
• 10 days of paid annual leave, plus sick leave and national holidays.
• Comprehensive insurance plans (medical, dental, vision, life, disability) and retirement savings plans.
• Access to extensive training opportunities, Udemy for Business, and coaching with experienced colleagues.
• Work on cutting-edge projects at world-leading tier-one banks, financial institutions, and insurance firms.
• A flat, approachable organization with a diverse, fun-loving, and global work culture.