Senior Application Security Specialist (AI)

TL;DR

Senior Application Security Specialist (Cybersecurity/AI): Integrating security into the SDLC and addressing unique challenges of AI-driven applications with an accent on secure AI integration and penetration testing. Focus on securing LLM-based architectures, conducting threat modeling for AI features, and implementing security gates in CI/CD pipelines.

Location: Hybrid in Warsaw (4 days/month) or Full remote from Poland

Company

hirify.global is the leading provider of business sustainability ratings, utilizing technology to analyze environmental, social, and ethical risks for companies worldwide.

What you will do

• Design and maintain security gates within CI/CD pipelines using AI-powered tools to automate vulnerability detection.
• Conduct internal penetration tests on web, mobile, and AI-based applications and coordinate third-party audits.
• Perform security reviews and threat modeling for LLM-based architectures, addressing risks like Prompt Injection and Data Poisoning.
• Lead vulnerability management, triaging findings from automated tools and coordinating remediation with engineering teams.
• Establish governance and best practices for the secure use of AI coding assistants and third-party AI APIs.
• Act as a security consultant for product teams on OWASP Top 10 and secure coding standards.

Requirements

• 3+ years of professional experience in Application Security, Penetration Testing, or Secure Software Development.
• Practical experience with Azure cloud solutions and securing SaaS platforms.
• Familiarity with OWASP Top 10 for LLM Applications and common Generative AI/ML risks.
• Strong understanding of common web and mobile vulnerabilities (OWASP Top 10, SANS Top 25).
• Experience integrating security checks into Azure DevOps pipelines.
• Must be eligible to work and live in Poland.

Nice to have

• Professional certifications such as OSCP, OSWE, or cloud/AI security credentials.
• Experience with frameworks such as MITRE ATLAS or NIST AI RMF.
• Knowledge of Kubernetes and securing applications in Azure, AWS, or GCP.
• Basic understanding of application performance monitoring (APM) and observability concepts.

Culture & Benefits

• Flexible working hours and hybrid/remote options within Poland.
• Wellness allowance for mental and physical wellbeing and professional mental health support.
• Internet and electricity bill allowance.
• Health care and life insurance (optional, fully covered or co-financed).
• Lunch cards, Multisport card, and Multikafeteria.
• Learning and development budget and referral bonus policy.