Staff Security Engineer, Vulnerability Management

TL;DR

Staff Security Engineer (Cybersecurity): Providing deep technical expertise and architecture for hirify.global's Vulnerability Management program with an accent on scaling the program and setting quality bars for automation and risk decisions. Focus on AI-powered triage automation, hardware vulnerability strategy for GPU firmware, and zero-day response.

Location: Livingston, NJ / New York, NY / Sunnyvale, CA / Bellevue, WA. While we prioritize a hybrid work environment, remote work may be considered for candidates located more than 30 miles from an office, based on role requirements for specialized skill sets. New hires will be invited to attend onboarding at one of our hubs within their first month. Teams also gather quarterly to support collaboration

Salary: $188,000 to $275,000

Company

hirify.global is The Essential Cloud for AI™, delivering a platform of technology, tools, and teams that enables innovators to build and scale AI with confidence.

What you will do

• Define the multi-quarter VM technical strategy and roadmap, including operating model, prioritization framework, and technical standards.
• Architect and scale AI-powered triage automation, evaluating vendor solutions vs. in-house development.
• Own end-to-end automation architecture from assessment through detection creation to remediation orchestration and ticketing.
• Own specialized hardware vulnerability strategy for GPU firmware, DPU firmware (BlueField), and BMC attack surfaces.
• Serve as primary technical point of contact for embargoed vendor disclosures and zero-day response, driving emergency patch plans.
• Define executive-facing VM metrics, risk posture reporting, and decision cadences with Security and Engineering leadership.

Requirements

• 9+ years of relevant experience with demonstrated strategic impact in vulnerability management, application security, platform security, or cloud security engineering.
• Proven track record building and scaling security automation (SOAR workflows, AI/ML systems, detection pipelines) in production environments.
• Deep subject matter expertise with vulnerability management best practices.
• Excellent development background with strong coding skills in Python, Go, or similar languages for building scalable, production-grade security systems.
• Significant experience with modern vulnerability management tooling.
• Experience with specialized infrastructure: GPU/DPU environments, firmware security, hardware vulnerabilities, or high-performance computing.
• Applicant must either be (A) a U.S. person, or (B) eligible to access the export controlled information without a required export authorization, or (C) eligible and reasonably likely to obtain the required export authorization from the applicable U.S. government agency.

Nice to have

• Practical experience building AI/ML-powered security systems in production.
• Experience managing hardware vendor security partnerships.
• Production experience with security automation platforms and serverless frameworks.
• Strong DevOps, DevSecOps, or SRE background with deep experience in AWS/GCP/Azure cloud services and Infrastructure as Code.
• Deep understanding of Kubernetes security.
• Experience leading security programs through rapid hypergrowth in startup or cloud-native environments.
• Practical experience managing vulnerabilities within a FedRAMP-certified environment or similar regulatory frameworks.

Culture & Benefits

• Medical, dental, and vision insurance - 100% paid for by hirify.global.
• Company-paid Life Insurance.
• Flexible PTO.
• A casual work environment.
• A work culture focused on innovative disruption.
• Teams also gather quarterly to support collaboration