Senior Application Security Engineer

TL;DR

Senior Application Security Engineer: Building a "Secure Paved Road"—an automated self-service ecosystem embedding security into the development lifecycle with an accent on pipeline automation, secure code templates, and continuous validation. Focus on threat modeling, security design reviews, penetration testing, and scaling defenses across 80+ R&D squads.

Location: US Remote

Salary: $125,700 - $168,100 USD

Company

hirify.global transforms product security into a core part of how engineering delivers software.

What you will do

• Integrate GitHub Advanced Security into CI/CD pipelines for automated vulnerability detection and fast feedback.
• Develop secure microservice templates, libraries, and practices to eliminate security issues at the source.
• Lead penetration testing, security assessments, bug bounties, and operate DAST, SAST, SCA tools.
• Conduct security design reviews, threat modeling, and develop secure architecture standards.
• Automate secrets detection, triage vulnerabilities, and provide technical leadership via Security Champions Program.
• Participate in incident response and continuously improve security posture against emerging threats.

Requirements

• 5+ years in Product/Application Security with strong software engineering background
• Proficiency in C#/.NET (preferred) or Go/Java; ability to read and write code to find/fix vulnerabilities
• Experience with GitHub Advanced Security, dependency scanners, secret detectors
• Automation skills in Python, Go, PowerShell; preference for building tools over manual fixes
• Interest in AI and Security intersection, securing AI workloads

Culture & Benefits

• Flextime, flexible time off, comprehensive onboarding, leadership training, peer recognition via Bonusly
• Holistic health benefits: company-paid medical/dental/vision, FSA, HSA, 401k match, telehealth
• Life stage support: parental leave, fertility services up to $20k, pet insurance, financial planning