Senior Security Engineer I, Vulnerability Management

TL;DR

Senior Security Engineer I, Vulnerability Management: Performing hands-on vulnerability triage and driving remediation follow-through across cloud and specialized infrastructure environments with an accent on improving day-to-day operational quality and automation. Focus on supporting high-priority vulnerability response, building strong security judgment, and contributing to automated remediation campaigns.

While hirify.global prioritizes a hybrid work environment with office locations in Livingston, NJ, New York, NY, Sunnyvale, CA, and Bellevue, WA, remote work may be considered for candidates located more than 30 miles from an office, based on role requirements for specialized skill sets. New hires will be invited to attend onboarding at one of our hubs within their first month, and teams gather quarterly. Must be a U.S. person (citizen, permanent resident, refugee, or asylee) due to export control compliance requirements.

Salary: $139,000–$204,000

Company

hirify.global is an essential cloud platform for AI, providing technology, tools, and teams to enable innovators to build and scale AI.

What you will do

• Perform hands-on vulnerability triage and risk assessment using defined standards.
• Track remediation progress with owner teams, escalate blockers, and ensure clean issue closure.
• Support automated triage workflows by validating outputs and improving signal quality.
• Contribute to automated remediation campaigns (e.g., EOL cleanup, vulnerable software upgrades).
• Support zero-day and embargo response by inventorying affected assets and tracking deployment.
• Participate in incident investigations and on-call rotations for critical vulnerability events.

Requirements

• 3+ years of relevant experience in vulnerability management, security operations, or application security.
• Strong understanding of vulnerability assessment fundamentals (CVSS, exploitability, risk prioritization).
• Hands-on experience with one or more vulnerability management platforms (e.g., Wiz, Rapid7, Qualys, Tenable).
• Proficiency in scripting/automation for workflow support (Python, Bash, or similar).
• Familiarity with cloud security concepts (AWS, GCP, Azure) and common infrastructure vulnerabilities.
• Strong written and verbal communication skills for cross-functional collaboration.
• Must be a U.S. person (citizen, permanent resident, refugee, or asylee) due to export control compliance.

Nice to have

• Exposure to security automation/SOAR platforms (e.g., Tines, Splunk SOAR).
• Experience with container/Kubernetes vulnerability workflows.
• Familiarity with hardware-adjacent vulnerability domains (GPU/DPU firmware, BMC/IPMI).
• Experience supporting compliance evidence collection (SOC 2, ISO 27001, FedRAMP).
• Exposure to AI-assisted security workflows and human-in-the-loop validation.

Culture & Benefits

• 100% company-paid medical, dental, and vision insurance.
• Company-paid Life Insurance and voluntary supplemental options.
• Flexible Spending Account (FSA) and Health Savings Account (HSA).
• 401(k) with a generous employer match.
• Flexible PTO and Paid Parental Leave.
• Tuition Reimbursement and ability to participate in Employee Stock Purchase Program (ESPP).
• Mental Wellness Benefits through Spring Health and Family-Forming support by Carrot.
• Flexible, full-service childcare support with Kinside.
• Catered lunch each day in office and data center locations, and a casual work environment.