Application Security Architect (AI)
Job description
TL;DR
Application Security Architect (AI): Establishing and leading the application security function for a cloud-based smart home and IoT platform with an emphasis on secure SDLC, threat modeling, and AI-assisted tooling integration. Focus on designing resilient security architectures, managing vulnerabilities across complex codebases, and collaborating with engineering teams to embed security best practices from development to production.
Location: Must be based in or able to commute to Tysons, Virginia (Hybrid: 4 days/week in office)
Company
is a leading cloud-based platform provider for smart security and IoT, innovating in AI, video analytics, and machine learning for over 7.6 million properties.
What you will do
- Lead threat modeling and participate in design reviews to ensure security by design across mobile apps, cloud services, and IoT devices.
- Drive vulnerability management by prioritizing and partnering with engineering teams on remediation of findings from SAST, DAST, and other security tools.
- Integrate security into CI/CD pipelines and evolve AppSec tooling, including emerging AI-driven security capabilities.
- Perform targeted code and API reviews for high-risk components and authentication flows.
- Partner with AI/LLM development teams to ensure secure integration, model hardening, and data protection.
- Provide security training, coding guidance, and mentorship to engineering teams.
Requirements
- 10+ years of experience in application security or software engineering (minimum 8 years for strong candidates).
- Must be authorized to work in the US; no sponsorship or immigration support available.
- Proficiency in at least one programming language (e.g., Python, JavaScript, C#).
- Deep understanding of application security principles (OWASP Top 10), cloud-native security, and Kubernetes.
- Practical experience with AppSec tooling (SAST, DAST, SCA, IAST, WAF).
- Demonstrated ability to influence engineering practices and drive security outcomes cross-functionally.
Nice to have
- Experience with GitHub Advanced Security (code scanning, secret scanning).
- Familiarity with AI/LLM security concepts (OWASP Top 10 for LLMs).
Culture & Benefits
- Comprehensive medical plan options and HSA with company contribution.
- 401(k) retirement plan with employer match.
- Paid holidays, wellness time, and vacation leave that increases with tenure.
- Company-paid disability and life insurance, plus paid maternity and bonding leave.
- Collaborative team environment emphasizing in-person partnership and cross-departmental impact.