Senior Product Security Engineer (Cybersecurity)

TL;DR

Senior Product Security Engineer (Cybersecurity): Designing and automating the engineering backbone for the Red Team to ensure robust security assurance for hirify.global's products and infrastructure with an accent on infrastructure-as-code and OPSEC. Focus on building resilient C2 platforms, automating payload delivery systems, and developing custom tooling to enable high-maturity offensive operations.

Location: Hybrid in Toronto, Canada

Salary: $114,000 — $157,300 USD

Company

hirify.global is a leading identity security company providing the trusted, neutral infrastructure that enables organizations to safely embrace AI and secure every identity.

What you will do

• Own the full lifecycle of Red Team infrastructure, including design, provisioning, and maintenance using Terraform (IaC).
• Develop and maintain custom tools, scripts, and automation for payload generation, log aggregation, and C2 profile management.
• Build and maintain representative test environments for pre-operation validation of tools and tradecraft.
• Design infrastructure with OPSEC as a first-class requirement, focusing on network segmentation and traffic separation.
• Manage the lifecycle of domains, certificates, cloud accounts, and recurring infrastructure expenses.
• Collaborate with operators to define infrastructure requirements, OPSEC constraints, and operational timelines.

Requirements

• 5+ years of professional experience in infrastructure engineering, DevOps, or platform engineering with significant automation responsibilities.
• Strong proficiency with Terraform (or equivalent IaC) for multi-cloud provisioning.
• Proficiency in at least one systems programming or scripting language such as Python, Go, or Bash.
• Solid understanding of Linux systems administration, networking fundamentals (DNS, HTTP/S, TCP/IP), and cloud platforms (AWS, GCP, or Azure).
• Deep understanding of OPSEC principles as they apply to offensive infrastructure.
• Must be based in Toronto, Canada (Hybrid role)

Nice to have

• Experience building CI/CD pipelines using GitHub Actions, GitLab CI, or Jenkins.
• Familiarity with containerization and orchestration via Docker and Kubernetes.
• Experience with C2 frameworks such as Cobalt Strike, Mythic, or Sliver from an infrastructure perspective.
• Working knowledge of Blue Team operations and security tool development (implants, evasion tooling).

Culture & Benefits

• Comprehensive benefits package including health, dental, and vision insurance.
• RRSP with company match, healthcare spending accounts, and telemedicine.
• Generous paid leave policies, including PTO and parental leave.
• Equity and bonus opportunities.
• Immersive, in-person onboarding experience to accelerate impact and community connection.