Infrastructure Security Engineer (Cloud/CI/CD Security)

TL;DR

Infrastructure Security Engineer (Cloud/CI/CD Security): Designing, building, and operating security controls as reliable internal services with an accent on infrastructure, CI/CD, and cloud security. Focus on integrating security into CI/CD pipelines, building cloud and Kubernetes guardrails, and evolving vulnerability management foundations.

Location: Remote-first, global

Company

hirify.global is a leading full-cycle verification platform enabling scalable compliance, trusted by over 4,000 clients globally to accelerate growth, prevent fraud, and maintain compliance.

What you will do

• Design and implement security controls integrated into CI/CD pipelines.
• Build and operate infrastructure security guardrails using Terraform, cloud, and Kubernetes.
• Own security tooling as products, managing their architecture, reliability, and lifecycle.
• Implement audit logging, change tracking, and security evidence generation.
• Design and evolve vulnerability management foundations (inventory, scoping, correlation).
• Define and enforce infrastructure security baselines.
• Collaborate with compliance teams to support audits (e.g., PCI DSS) with technical evidence.

Requirements

• Strong experience with CI/CD systems (GitHub Actions, GitLab CI, Jenkins).
• Proficiency in Infrastructure as Code (Terraform or similar).
• Experience with cloud platforms (AWS, GCP, Azure).
• Understanding of container and Kubernetes security concepts (Falco, Trivy).
• Knowledge of logging, auditability, and change tracking.
• Understanding of vulnerability management fundamentals (CVEs, scanners, remediation, validation).

Nice to have

• Experience with runtime security and drift detection.
• Knowledge of secret scanning and prevention.
• Experience building internal security tooling.
• Exposure to compliance frameworks (PCI DSS, SOC 2, ISO 27001).
• Development experience (Python, Go).

Culture & Benefits

• Remote-first, trust-based culture with no mandatory office days or attendance trackers.
• True flexibility in working hours, adjusting as needed while staying productive.
• Extra time off including birthdays, 10 personal days, and 7 sick days without paperwork.
• Work on a mission to build a secure, accessible, and inclusive digital world.
• Fair and transparent compensation benchmarked to the market.
• Opportunities for growth with clear goals, open feedback, and personal development plans, including coverage for role-specific events.
• Team offsites a few times a year, with fully covered trips for collaboration and recharging.
• Provision of necessary tools and hardware.

Hiring process

• TA screening.
• Hiring Manager Interview.
• Assignment.
• Final Interview.