Staff Security Engineer (AI)

TL;DR

Staff Security Engineer (AI/Cybersecurity): Designing and implementing security architectures to protect products and infrastructure with an accent on AI-driven security automation and LLM integration. Focus on building security agents using LangChain, mitigating prompt injection, and leading cross-functional vulnerability disclosure investigations.

Location: Remote (United States)

Company

hirify.global provides a data and AI platform that enables organizations to harness the full power of Postgres for transactional, analytical, and AI workloads across any cloud.

What you will do

• Lead cross-functional application security initiatives to identify and mitigate risks across hirify.global's products.
• Develop security automation and tooling using Python and Go to accelerate the InfoSec organization's detection and response capabilities.
• Build and orchestrate AI-driven security agents using LLMs and LangChain to automate threat modeling and code analysis.
• Implement security guardrails for internal AI applications, focusing on prompt injection mitigation and data leakage prevention.
• Lead vulnerability disclosure investigations, coordinating with engineering teams to assess impact and drive remediation.
• Integrate security into the SDLC through secure design reviews, threat modeling, and continuous partnership with product teams.

Requirements

• Developer-centric background with proficiency in writing production-quality code in Python or Go.
• Hands-on experience with LLM APIs (Anthropic Claude, OpenAI) and building functional internal AI tools.
• Deep understanding of the OWASP Top 10 for LLMs, including prompt injection and training data poisoning.
• Proven experience leading application security initiatives and vulnerability investigations in complex distributed environments.
• Strong ability to build trust with development teams through code reviews and peer-level collaboration.
• Must be based in the United States.

Nice to have

• Familiarity with AI Red Teaming or using LLMs to simulate adversarial attack paths.
• Experience with database security, specifically PostgreSQL or other relational systems.
• Knowledge of the MITRE ATT&CK Framework and attack path mapping.
• Expertise in compliance frameworks such as SOC 2, PCI, HIPAA, FedRAMP, or ISO 27001.
• Experience writing and reviewing C code.

Culture & Benefits

• Commitment to overall employee well-being and a healthy work-life balance.
• Access to CuraLinc for health and wellness tips and practices.
• Wellness Fridays extending through December 2026.
• Inclusive and diverse workplace built on trust and respect.