Vulnerability Intelligence, Product Security (Remote)

TL;DR

Vulnerability Intelligence, Product Security Engineer: Protecting hirify.global and its customers from advanced threats by monitoring emerging vulnerabilities and deploying large-scale security systems. Focus on risk-based analysis of vulnerability exposure and developing data-driven prioritization frameworks aligned with business risk tolerance.

Location: Remote (US)

Salary: $90,000 - $125,000 per year, with eligibility for bonuses, equity grants and a comprehensive benefits package

Company

hirify.global is a global leader in cybersecurity, protecting organizations with an AI-native platform.

What you will do

• Analyze emerging vulnerabilities, assess exploitability and business risk, and recommend prioritized remediation strategies.
• Conduct risk-based analysis of vulnerability exposure and develop data-driven prioritization frameworks aligned with business risk tolerance.
• Implement and monitor tools for detection and monitoring of assets across multiple clouds and data centers.
• Develop and maintain vulnerability management KPIs and communicate security posture to technical and executive stakeholders.
• Utilize the latest Falcon features to improve security posture and provide direct feedback to product teams.

Requirements

• Able to thrive in a highly independent work environment.
• Applicable experience in a security role implementing and supporting security systems.
• Experience applying risk scoring frameworks (CVSS, EPSS, SSVC) and business impact analysis to prioritize vulnerabilities based on exploitability, asset criticality, and organizational risk tolerance.
• Ability to research CVEs, assess exploit availability, and leverage threat intelligence to understand real-world vulnerability impact beyond published severity scores.
• Strong scripting/development capabilities in one or more common scripting languages, such as Ruby/Chef, Python, Golang, etc.
• Proven ability to collaborate across engineering, product, and leadership teams to negotiate remediation timelines and communicate risk in business context.
• Experience working with Linux and/or other Unix-like variants, cloud platforms (GCP) and highly concurrent systems.

Nice to have

• Experience with Kubernetes and containerized applications.
• Experience working with developers on security vulnerability impact and remediation efforts.
• Hands-on experience with the Falcon platform.
• Experience assessing software supply chain risks, open source vulnerabilities, and third-party dependencies for risk-based prioritization decisions.
• Familiarity with security frameworks (NIST, ISO 27001, CIS Controls) and compliance requirements that influence vulnerability remediation SLAs.

Culture & Benefits

• Market leader in compensation and equity awards.
• Comprehensive physical and mental wellness programs.
• Competitive vacation and holidays for recharge.
• Paid parental and adoption leaves.
• Professional development opportunities for all employees regardless of level or role.