Security Assurance Engineer (Web3)

TL;DR

Security Assurance Engineer (Cybersecurity/Web3): Developing a proactive "validate and verify" security program to ensure defense effectiveness across cloud and SaaS environments with an accent on automated control validation and breach simulation. Focus on building a real-time security posture dashboard and orchestrating offensive testing strategies to eliminate security blind spots.

Company

hirify.global provides a secure platform and network for companies to manage and move digital assets, trusted by major financial institutions and Web3 companies.

What you will do

• Define, orchestrate, and drive the security assurance program from vision to full implementation.
• Design and execute automated testing, such as Breach & Attack Simulation, to verify prevention and detection controls.
• Build and maintain a real-time Security Posture Dashboard to provide visibility into the health of the security stack.
• Optimize the existing security suite to identify blind spots and ensure tools are properly configured and integrated.
• Coordinate regular external offensive testing cycles, including Penetration Testing and Phishing.
• Define ownership, maintenance schedules, and lifecycle processes for all security technologies.

Requirements

• 8+ years of experience in cybersecurity engineering and architecting (Infosec/DevSecOps).
• Proven technical capabilities in automation, scripting, and AI.
• Hands-on experience with offensive testing methodologies, such as penetration testing and red team exercises.
• Strong understanding of breach simulation, continuous control monitoring (CCM), and technical validation concepts.
• Expertise in Cloud and SaaS security (WAF, CNAPP), Identity and Access control (IDM, IDP, PAM), and Endpoint security (EDR, DLP, SASE).
• Ability to act as a self-directed architect and communicate effectively with senior leadership.

Nice to have

• Experience in crypto, fintech, or highly regulated financial environments.
• Familiarity with NIST Cybersecurity Framework (CSF) 2.0, Cloud Security Alliance (CSA) controls matrix, or MITRE frameworks.