Product Security Engineer
Job description
TL;DR
Product Security Engineer (Application Security): Taking ownership of core product security activities and strengthening the security of cloud products with an emphasis on threat modeling, code assessments, and vulnerability triage. Focus on DevSecOps tooling and automation, ensuring security becomes a natural part of development pipelines.
Location: Hybrid options (remote within the EU)
Company
is the market leader in Workforce Management Software, helping companies work more intelligently, creatively, and humanely by optimizing the balance between profitability and people.
What you will do
- Drive key elements of the Secure SDLC, including hands‑on threat modeling, code and architecture assessments, and vulnerability triage and remediation support.
- Independently operate security testing workflows, such as SAST, DAST, SCA, secrets scanning, dependency checks, and manual verification of findings.
- Contribute to the design and continuous improvement of DevSecOps tooling and automation, ensuring security becomes a natural part of development pipelines.
- Monitor product‑relevant threat intelligence, analyze impact, and proactively recommend security improvements.
- Support compliance efforts (Cyber Resilience Act, GDPR, ISO 27001, SOC 2) by implementing controls and maintaining documentation.
- Participate in security incident investigations for product‑related issues, including root‑cause analysis, documentation, and follow‑up actions.
Requirements
- A degree in computer science, information security, engineering, or a related field.
- Solid experience in application security, product security, secure software development, or DevSecOps.
- Good understanding of cloud architectures, security testing techniques, secure coding, and common security tooling.
- Experience contributing to security frameworks, processes, or automation in a product or engineering environment.
- Familiarity with regulatory and certification requirements.
- Strong communication and collaboration skills; able to work independently with engineering teams and provide clear, actionable security guidance.
Culture & Benefits
- Flexible Work Culture: Hybrid options (remote within the EU), 30 days of vacation, and a strong commitment to diversity & inclusion.
- Health & Wellbeing: Including regular check-ups, corporate wellness programs, and Wellhub membership.
- Stability & Growth: Company listed on SDAX & TecDAX, with 19+ years of record-breaking revenue and a 30%+ EBIT margin.
- Competitive Rewards: Including profit-sharing and employee stock program.
- Structured Onboarding & Continuous Leadership Development: Clear career paths through Expert & Leadership Tracks, plus access to ATOSS Academy.
- Engaging Team Environment: Seasonal company events, team retreats, and an in-house barista.