Security Engineer, Product Security (AI)

TL;DR

Security Engineer, Product Security (AI): Building and shipping secure products by identifying risks early and improving security quality across the software development lifecycle with an accent on threat modelling, vulnerability detection, and secure-by-design practices. Focus on remediating vulnerability classes across APIs, automating security reviews using AI, and partnering with engineering teams to raise the security bar.

Location: Hybrid (London Office)

Company

hirify.global is an AI-powered customer communications platform used by over 22,000 companies worldwide to redefine how teams handle voice, SMS, and WhatsApp.

What you will do

• Partner with engineering teams to review designs and implementation plans, identifying security risks early and recommending mitigations.
• Perform threat modelling for new features and major changes to document risks, assumptions, and security controls.
• Triage and remediate common vulnerability classes across services and APIs, including auth/authz, injection, and logic flaws.
• Conduct security testing and validation using SAST/DAST tools and targeted manual testing for high-risk areas.
• Improve secure development practices by creating reusable guidance, checklists, and secure patterns for engineering teams.
• Contribute to security tooling and automation to improve coverage and streamline security reviews.

Requirements

• 2–5 years of experience in Product Security, Application Security, or software engineering with a strong security focus.
• Strong understanding of web application and API security fundamentals and OWASP Top 10.
• Experience performing security reviews, threat modelling, or secure architecture assessments.
• Ability to read and review production code in at least one language (e.g., Python, Go, Java, JavaScript/TypeScript).
• Familiarity with security testing tools including SAST/DAST, dependency scanning, and fuzzing.
• Must be based in or able to work from the London office (Hybrid).

Nice to have

• Experience with cloud-native architectures (AWS/GCP/Azure), Kubernetes, and secrets management.
• Ability to tune security tools to reduce noise and improve signal.
• Familiarity with secure SDLC practices and security champions programs.
• Exposure to bug bounty programs or working with external vulnerability researchers.
• Experience improving internal security automation using AI-assisted tooling.

Culture & Benefits

• Fast-learning, entrepreneurial environment with a strong team spirit.
• Company culture that values work-life balance.
• Multicultural workspace with team members from 45+ nationalities.
• Competitive salary package and benefits.
• Opportunity to join a high-growth AI unicorn during a key expansion phase.