Senior Product Security Engineer (Cybersecurity)

TL;DR

Senior Product Security Engineer (Cybersecurity): Partnering with product management, engineering, and operations teams to embed security into the software development lifecycle with an accent on identifying security risks early, providing actionable guidance, and supporting security initiatives. Focus on leading threat modeling and security design reviews, assessing product architectures and data flows, and contributing to secure-by-design patterns and DevSecOps improvements.

Location: Remote (United States). Candidates must not require current or future sponsorship for employment authorization.

Salary: $100,000–$130,000 USD

Company

hirify.global provides differentiated, end-to-end software solutions to over 20,000 customers, including nonprofit organizations and Fortune 100 companies, aiming to increase giving rates and impact.

What you will do

• Lead threat modeling and security design reviews for assigned products and services.
• Partner with product managers and engineering leads to define practical security requirements and guardrails.
• Assess product architectures, data flows, and integrations to identify security risks and provide actionable recommendations.
• Provide clear, actionable guidance to engineering teams on secure design patterns and implementation.
• Review and triage security findings from internal testing, bug bounty programs, and third-party assessments.
• Support DevSecOps workflows by identifying gaps and assisting with improvements in existing CI/CD pipelines and security tooling implementation.

Requirements

• 5+ years of experience in product security, application security, or secure software engineering.
• Strong understanding of product architecture, APIs, and distributed systems.
• Experience performing threat modeling and security design reviews.
• Ability to assess security risk in the context of product functionality, customer experience, and business impact.
• Working knowledge of modern application development practices, CI/CD processes, and how security integrates into them.
• Familiarity with security tools including SAST, DAST, SCA, and common web application vulnerabilities (e.g., OWASP Top 10).

Nice to have

• Background in software engineering, DevOps, or system architecture.
• Experience working with SaaS platforms in a product-focused environment.
• Familiarity with secure cloud architecture and configuration, particularly in AWS environments.

Culture & Benefits

• Innovative culture focused on building AI-powered tools to solve human challenges and increase global impact.
• Inclusive and equitable environment where every team member belongs and contributes to meaningful impact.
• Comprehensive benefits package that supports health, well-being and growth, applicable to full-time employees in the United States.