Engineer, Secops

TL;DR

Engineer, SecOps: Integrating, maintaining, and improving application security practices within core infrastructure and applications with an accent on security, networking and data assurance. Focus on designing, implementing, and maintaining security tools and processes for the platform.

Location: Hybrid - Morgan Hill, California; Remote - California; Remote - Massachusetts; Remote - North Carolina; Remote - Texas; Remote - Washington. Bay-area based candidates would work 2-3 days/week in office at our Morgan Hill, CA office for collaboration.

Salary: $135,000 to $175,000 + bonus + equity + benefits

Company

hirify.global is the leading auto-repair shop software company; it is a cloud-based solution that helps auto-repair shops consolidate tools, save time, and streamline their entire operation onto a simple, easy-to-use platform.

What you will do

• Design, implement, and maintain security tools and processes for the platform that provide the foundation for a world class level of security with our products and services
• Drive security workflow automation, deploy/tune EDR tools, manage security log ingestion, and build custom dashboards for visibility.
• Analyze and solve security problems, providing mitigations and root cause analyses
• Proactive threat management, analyze security alerts, perform prioritization with evidence, and manage incident remediation
• Be a driving force for incident response and blameless post mortem reporting
• Ensure compliance with security policies, industry regulations (e.g., SOC 2, PCI, etc), and manage IAM roles

Requirements

• Minimum of 3-5+ years in a SOC, security operations, or IT operations role with production-grade in Google Cloud Platform
• Networking knowledge (DNS, firewall/security groups, VPN, subnets, CIDR)
• Experience with SIEM platforms (Splunk, Sentinel, Rapid7, etc), and cloud security and infrastructure as code tools including Terraform, ArgoCD,, etc
• Strong scripting experience with bash, yaml, Typescript, GO, etc
• Experience with tools such as EDR, WAF, IDS/IPS, Pentests (e.g. Cobalt), etc
• Extensive experience with Docker and Kubernetes clusters

Nice to have

• Experience with Claude, Cursor, Git and GitHub
• Experience with DevSecOps (SOC2, PCI and/or ISO 27001 certification a plus)
• Knowledge of best practices related to security, resilience and disaster recovery
• Familiarity with Monitoring, Observability and Alerting tools (Prometheus/Grafana, Pager Duty, OpenTelemetry, etc)
• Strong documentation and compliance management skills - increasing awareness of all things security for the organization

Culture & Benefits

• Medical, dental, vision, and life insurance benefits available the 1st of the month following hire date
• Reimbursement for a personal health and wellness membership
• Generous parental leave
• 401(k) available upon hire
• Flexible time off - take the time off you need!
• Matching donations for approved charitable organizations