Security Engineer (Cloud Security)

TL;DR

Security Engineer (Cloud Security): Own the design and implementation of security guardrails across hirify.global's AWS infrastructure, including multi-account strategy, network segmentation, identity architecture, and data protection. Focus on building secure-by-default Terraform modules, implementing preventive and detective controls, and embedding security into CI/CD pipelines to enable fast and confident shipping.

Location: On-site in Austin, Texas; New Orleans; San Diego, CA; or Washington, DC. This role requires access to export-controlled information or items that require “U.S. Person” status.

Company

hirify.global Technologies is a leader in revolutionizing autonomy at sea, dedicated to developing state-of-the-art solutions that enhance maritime operations through autonomous and intelligent platforms.

What you will do

• Own the security architecture for hirify.global's AWS environments, including multi-account strategy and data protection.
• Design and maintain secure-by-default Terraform modules and IaC standards.
• Implement preventive controls (SCPs, permission boundaries) and detective controls (Config rules, CloudTrail analysis, GuardDuty).
• Design and enforce IAM patterns across AWS accounts, services, and workloads.
• Implement and govern secrets management using tools like AWS Secrets Manager or Vault.
• Partner with DevOps and Platform Engineering to embed security into CI/CD pipelines and infrastructure provisioning.

Requirements

• 10+ years of hands-on experience in cloud security engineering, infrastructure security, or a related role.
• Expert-level proficiency with Terraform, including module design and policy-as-code.
• Deep expertise in AWS security services and architecture, including IAM, Organizations, and Control Tower.
• Demonstrated experience building security guardrails and reusable infrastructure patterns.
• Strong experience with CI/CD pipeline security, IaC review processes, and automated compliance validation.
• Experience operating in AWS GovCloud or FedRAMP-regulated cloud environments.
• Strong proficiency in Python, Go, Rust, or equivalent languages for building security automation and tooling.
• Ability to obtain and maintain a security clearance.

Nice to have

• Experience in defense, aerospace, robotics, autonomy, or other high-assurance environments.
• Experience designing multi-account AWS landing zones and organizational security architectures.
• Hands-on experience with Kubernetes security, container security, and service mesh security.
• Familiarity with NIST SP 800-171, NIST SP 800-53, FedRAMP, or Cloud Computing SRG Impact Levels.
• Experience with infrastructure drift detection, automated remediation, and continuous compliance monitoring.
• Relevant certifications such as AWS Security Specialty, AWS Solutions Architect Professional, HashiCorp Terraform Associate/Engineer, CCSP, or CISSP.

Culture & Benefits

• Comprehensive health, dental, and vision insurance (hirify.global pays 100% of employee premium, 80% for dependents).
• Generous PTO and Holidays.
• Paid maternity and paternity leave.
• 401(k) plan with company match.
• Equity options.
• Basic life insurance and short- and long-term disability coverage.
• Discounted pet insurance options including 24/7 Telehealth helpline.
• Free lunch benefit and unlimited free drinks and snacks in the office.