Senior Information Security Controls Automation Specialist (Cybersecurity)

TL;DR

Senior Information Security Controls Automation Specialist (Cybersecurity): Automating the evaluation and testing of security controls both on-premises and in the cloud with an accent on reducing manual effort and increasing assessment efficiency. Focus on integrating validation logic into CI/CD pipelines, developing continuous control monitoring, and resolving platform integration errors for robust security.

Location: Hybrid, based in Heredia, Costa Rica

Company

hirify.global is a global data and technology company powering opportunities for people and businesses, redefining lending practices, preventing fraud, simplifying healthcare, and creating marketing solutions.

What you will do

• Analyze and automate existing manual test steps for assessing operating effectiveness of security controls in both cloud and on-prem environments.
• Develop automated control mechanisms (e.g. scripts, APIs, compliance dashboards) and integrate validation logic into CI/CD pipelines and cloud environments.
• Allow continuous control monitoring (CCM) by developing reusable logic and ensuring automated controls produce evidence.
• Develop dashboards visualizing compliance status and resolve platform integration errors.
• Analyze false positives and lead remediation of those indicators.
• Maintain a control automation backlog and document all automated control logic, control mappings, and system configurations.

Requirements

• 5+ years of experience in automation development.
• A bachelor's degree in computer science, management information systems, relevant field, or equivalent demonstrable experience.
• Knowledge of security tooling (e.g. SIEM, Identity and Access Management platforms, DLP), cloud platforms (AWS, GCP, Azure), Infrastructure as Code (Terraform) and scripting languages (e.g. Python, JavaScript, Ruby, C#, PowerShell).
• Knowledge of cloud architecture and cybersecurity domains and principles.
• Experience in efficiency and risk reduction.
• Professional certification such as AWS Solutions Architect, CCSP, CISSP, CRISC, ISO 27001 Lead Auditor, or equivalent.

Nice to have

• Experience with workflow automation platform tines.io.
• Experience with Open Policy Agent (OPA) and Rego.
• Experience with information security control testing methodologies, information security risk assessments, and auditing tools.

Culture & Benefits

• Medical, life, and dental insurance.
• Asociación Solidarista, International Share Save Plan.
• Flex Work/Work from home options.
• Paid time off, Birthday day off, Annual Performance Bonus.
• Education Reimbursement, Family Bonding, Bereavement Leave, Referral Program.
• Commitment to DEI, work/life balance, development, authenticity, collaboration, wellness, reward and recognition, and volunteering.