Security Engineer (AI)

TL;DR

Senior Security Engineer (AI, Healthtech): Designing, implementing, and governing the security and compliance foundation for an AI-driven clinical platform with an accent on cloud security, regulatory compliance (SOC 2, ISO 27001, GDPR, HIPAA), and AI/ML pipeline security. Focus on embedding security-by-design principles, leading threat modeling, and ensuring compliance in a high-growth, regulated environment.

Location: **Hybrid in Barcelona, Spain**

Company

hirify.global is a pioneering Healthtech company focused on revolutionizing drug development through AI to accelerate medical advancements and improve patient outcomes.

What you will do

• Design and evolve end-to-end security architecture across cloud infrastructure, Kubernetes, CI/CD, and application layers.
• Lead threat modeling and risk assessments for platform components, data flows, and AI pipelines.
• Own and drive compliance initiatives for SOC 2 and ISO 27001, supporting alignment with GDPR, HIPAA, and GxP.
• Collaborate with AI and Data teams to design secure, compliant AI/ML pipelines and support governance aligned with emerging AI regulations.
• Design and improve security monitoring, logging, and alerting, and support incident response processes.
• Act as a security advisor to engineering teams, enabling secure-by-default development practices.

Requirements

• **2+ years of experience** in Security Engineering, Security Architecture, or related roles.
• Strong experience designing security architectures for **cloud-native systems (GCP preferred)**.
• Proven experience leading **SOC 2 and ISO 27001 compliance** initiatives in production environments.
• Solid understanding of **Kubernetes security, container security, and CI/CD security**.
• Experience with **secrets management, encryption, identity and access management, infrastructure-as-code, and GitOps-based environments**.
• Strong understanding of **risk management and threat modeling**.
• **Bachelor’s or Master’s degree in Computer Science, Security, Engineering**, or equivalent experience.

Nice to have

• Experience working in regulated industries such as healthcare, life sciences, or fintech.
• Exposure to AI/ML security, data governance, or model risk management.
• Familiarity with frameworks such as NIST, CIS Controls, and NIST AI RMF.
• Experience with security automation and compliance-as-code approaches.
• Knowledge of privacy engineering and GDPR implementation.

Culture & Benefits

• Shape the security and compliance foundation of a greenfield AI healthcare platform.
• Work at the forefront of AI, healthcare, and emerging global regulations.
• Comprehensive private health coverage supporting physical and mental well-being.
• Company-sponsored gym membership and wellness benefits.
• **Hybrid work model** offering flexibility and balance.
• Office perks including coffee, tea, beverages, and snacks.
• Team events and company retreats to celebrate progress and milestones.