Staff Security Engineer (Cybersecurity)

Формат работы

hybrid

Тип работы

fulltime

Грейд

senior

Английский

Страна

Poland/CR

Вакансия из Hirify Global, списка международных tech-компаний
Для мэтча и отклика нужен Plus

Мэтч & Сопровод

Для мэтча с этой вакансией нужен Plus

Описание вакансии

Текст:

TL;DR

Staff Security Engineer (Authn/Authz): Define and drive authentication and authorization architecture for hirify.global Data Cloud SaaS platform with an accent on RBAC/ABAC patterns, API access control, and multi-tenant security. Focus on designing permission models, tenant isolation, secure logging, and implementing reusable guardrails for compliance and vulnerability mitigation.

Location: Prague, Czech Republic (Office Based; remote only if permanently located in the Czech Republic)

Company

hirify.global is the #1 market leader in data resilience and security posture management, providing cloud-native SaaS on AWS, Azure, GCP for 550,000+ customers worldwide.

What you will do

Define end-to-end security architecture for identity and authorization across VDC control and data planes
Evaluate and standardize authorization for multi-tenant SaaS including RBAC/ABAC, API auth, and permission modeling
Design role/permission models for customers, admins, support, and service-to-service access
Standardize identity/auth for agents and connectors in customer environments (tokens, scopes, least privilege)
Define shared capabilities like tenant isolation, policy enforcement, rate limiting, and secure logging/telemetry
Implement guardrails, perform code reviews, PRs, and embed with teams for auth changes; support compliance (SOC 2, FedRAMP)

Requirements

Must be permanently located in the Czech Republic
Proven experience as Security Architect, Senior Security Engineer, or software engineering for cloud-native multi-tenant SaaS
Hands-on with Okta, Auth0, or Keycloak (SDKs/APIs, OIDC/OAuth, token handling)
Strong software engineering in C#/.NET, Go, Java, Python, or TypeScript
Deep knowledge of authorization: RBAC, OAuth2/OIDC, JWT, mTLS, tenant isolation, secure APIs
Strong Azure security (Entra ID, AKS, networking, monitoring)
Strong English communication skills for distributed teams

Nice to have

Building shared authn/authz libraries, policy engines, or security control planes
Secure logging/telemetry design and data sanitization
Multicloud/hybrid identity experience

Culture & Benefits

25 vacation days, 4 sick days, 21 paid medical leave days, 4 hirify.globale Days, 24 volunteer hours
Premium private medical insurance for employees and dependents
Daily meal vouchers (180 CZK/day), flexible cafeteria benefits, Multisport Card
Public transport reimbursement, corporate mobile plan
Learning opportunities: LinkedIn Learning, O’Reilly, mentoring, workshops, Global Day of Learning

Будьте осторожны: если работодатель просит войти в их систему, используя iCloud/Google, прислать код/пароль, запустить код/ПО, не делайте этого - это мошенники. Обязательно жмите "Пожаловаться" или пишите в поддержку. Подробнее в гайде →