Principal Security Researcher

TL;DR

Principal Security Researcher: Leading original research into complex and high-impact vulnerability classes affecting hirify.global’s products and the broader identity security ecosystem with an accent on novel attack surfaces and advanced exploit chains. Focus on AI and Agentic Security Strategy, Technical Publications and Thought Leadership and strategic technical advising.

Location: Remote (United States | Canada)

Salary: $246,000 USD - $369,000 USD or $228,000 CAD - $342,000 CAD

Company

hirify.global is building the foundation for a safe, productive digital future by ensuring every identity is authentic, every application sign-in is secure, and every device is trusted.

What you will do

• Lead original research into complex and high-impact vulnerability classes affecting hirify.global’s products and the broader identity security ecosystem.
• Design and develop sophisticated threat models, attack chains, and proof-of-concept exploits that demonstrate real-world risk at the highest level of complexity.
• Lead research into the security implications of AI in identity systems, including prompt injection, data poisoning, adversarial attacks on AI-driven access decisions.
• Author high-quality research publications, white papers, blog posts, and technical advisories and present findings through podcasts, webinars, and/or major security conferences.
• Represent hirify.global in standards bodies such as NIST, FIDO, and MCP at a leadership level.
• Serve as a trusted technical advisor to the Director of Security Research, security leadership, and product/engineering executives.

Requirements

• 8+ years of progressive experience in security research, offensive security, or vulnerability research.
• Bachelor’s degree in Computer Engineering, Computer Science, Information Security, or a related field; or equivalent practical experience; an advanced degree (MS/PhD) in a relevant discipline is highly valued.
• Expert-level offensive security experience: extensive experience in vulnerability research, exploit development, reverse engineering, and/or advanced adversarial simulation at scale.
• Broad and deep domain expertise across application security, cryptography, access governance, identity protocols, Linux/Windows/macOS system internals, Web application security, AI/Agentic security, or Mobile security.
• Recognized expertise in AI security, including hands-on research into prompt injection, data poisoning, adversarial ML, AI architecture review, or the security of agentic systems.
• Exceptional written and verbal communication skills , with demonstrated ability to produce landmark technical publications, as well as deliver compelling presentations to both deeply technical and executive audiences.

Culture & Benefits

• Prioritize collaboration, clear and transparent communication, receptiveness to feedback, and alignment with core values.
• Committed to leveraging cutting-edge technology—including AI—to achieve the mission.
• Remote-first work environment with travel for in-person engagement.
• Competitive health benefits and generous PTO policy.
• RSU program for most employees and retirement matching program.