Staff Product Security Engineer, Red Team (Cybersecurity)

TL;DR

Staff Product Security Engineer (Red Team, Cybersecurity): Own the full lifecycle of red team infrastructure including design, provisioning, and automation using IaC tools with an accent on OPSEC-aware architecture, custom tooling, and resilient platforms. Focus on building automated workflows, maintaining tooling for C2 servers and phishing infrastructure, and ensuring operational efficiency through metrics and documentation.

Location: Hybrid in Toronto, Ontario, Canada

Salary: $141,000 — $193,600 USD

Company

hirify.global secures identities from AI to human, building trusted infrastructure for organizations embracing AI.

What you will do

• Own infrastructure engineering and automation: design, provision, configure, maintain, and teardown red team infrastructure using Terraform or equivalent IaC.
• Manage resource lifecycle including domains, certificates, cloud accounts, and expenses.
• Develop and maintain custom tools, scripts, and automation for payload generation, log aggregation, C2 profiles, and health checks.
• Collaborate with operators on engagement planning, build test environments, and maintain code repositories with quality standards.
• Collect engagement evidence and logs for reporting; track metrics for infrastructure maturity and efficiency.
• Design with OPSEC principles: network segmentation, secure access, runbooks, and documentation.

Requirements

• 8+ years in infrastructure engineering, DevOps, or platform engineering with automation.
• Strong Terraform (or equivalent) for multi-cloud provisioning.
• Experience in cloud-native, SaaS, or identity environments.
• Configuration management (Ansible or equivalent).
• Proficiency in Python, Go, or Bash with development practices.
• Linux admin, networking (DNS, HTTP/S, TCP/IP), cloud platforms (AWS, GCP, Azure).
• Understanding of OPSEC for offensive infrastructure.

Nice to have

• CI/CD pipelines (GitHub Actions, GitLab CI, Jenkins).
• Containerization (Docker, Kubernetes).
• C2 frameworks (Cobalt Strike, Mythic, Sliver) from infrastructure perspective.
• Detection evasion for infrastructure.
• Blue Team knowledge, security tool development, Red Team maturity models.

Culture & Benefits

• Equity, bonus, health, dental, vision insurance, RRSP match, healthcare spending, telemedicine.
• Paid leave including PTO and parental leave.
• Global community with in-person onboarding.
• Focus on well-being, social impact, talent development, and connection.