Principal Security Engineer (AI)

TL;DR

Principal Security Engineer (Cybersecurity/AI): Validating that application services are designed and implemented with high security standards with an accent on application security and risk mitigation. Focus on performing vulnerability and penetration testing, implementing repeatable secure development practices, and designing programmatic controls to prevent exploitation.

Location: Onsite in Lehi, Utah

Company

hirify.global is building an impactful AI employee ecosystem for local businesses, recognized as a leader in AI agent implementation and revenue driving.

What you will do

• Collaborate with developers and DevSecOps to ensure a continuous cycle of secure development and validation testing.
• Define and execute a security review process utilizing dynamic and static code analysis resources.
• Perform vulnerability and penetration testing, emphasizing automation for testing and remediation.
• Align with architects and development teams for secure design and engage in information security projects.
• Analyze application security to address both legacy and emerging security issues.
• Document delivery advances meeting service-level agreements (SLAs) and business metrics.

Requirements

• 4+ years of cybersecurity experience and preferably 5+ years in application programming.
• Expertise in threat modeling, vulnerability testing, and software development (Java, Python, C++, Ruby, etc.).
• Solid understanding of network and web protocols, intra-company, and third-party APIs.
• Proficiency with dynamic and static analysis tools.
• Excellent communication of business risk from cybersecurity issues.
• Must be based in or able to work onsite in Lehi, Utah.

Nice to have

• Experience with cloud platforms (AWS, Microsoft Azure, or GCP) and cryptography controls.
• DevOps background with scripting skills in Python, JavaScript, PowerShell, PHP, or Ruby.
• Familiarity with standards such as ISO 27001, NIST, PCI DSS, HIPAA, GDPR, or SOC 2.
• Knowledge of Windows, Linux, Unix, and state privacy laws.
• Certifications such as SANS (GWAPT), CISSP, CSSLP, or OSCP.

Culture & Benefits

• Access to a stellar HQ in Utah featuring a gym with professional coaches and classes.
• Onsite HQ child care center, subsidized for employees.
• Comprehensive medical, dental, and vision benefits, including life and disability insurance.
• 401k Plan and generous vacation time, including special summer holiday weekends.
• Paid maternity and paternity leave, plus fertility benefits.
• Open and transparent culture with bi-annual swag drops.