Senior Product Security Engineer (Automotive)

TL;DR

Senior Product Security Engineer (Automotive): Designing and implementing secure technologies for the hirify.global Driver with an accent on automotive cybersecurity standards and vulnerability research. Focus on performing technical security assessments, threat modeling, and developing secure protocols to mitigate risks in autonomous vehicle software and hardware.

Location: Hybrid (San Francisco, California) - must be in office at least 3 days per week

Salary: $162,000 - $260,000 per year

Company

hirify.global is developing the hirify.global Driver to deliver the benefits of self-driving technology safely, quickly, and broadly across mobility and logistics.

What you will do

• Provide consulting and advisory services to engineering teams focused on automotive cybersecurity.
• Drive improvements in internal processes and technical fundamentals through threat modeling and requirements development.
• Implement and execute cybersecurity best practices for autonomous vehicles across internal and external partners.
• Perform technical assessments, research vulnerabilities, and design secure protocols and fuzzers to drive architectural changes.
• Assess risks across the hirify.global Driver Platform and prioritize critical vulnerabilities in software and hardware components.
• Conduct research to identify novel attack vectors against hirify.global’s products and services.

Requirements

• Foundational knowledge of Automotive Cybersecurity (ISO21434/UNECE/NHTSA) and Linux OS security.
• Proficiency in C++, Golang, and Python.
• Experience in risk assessment, threat modeling, OS hardening, vulnerability management, or cryptographic protocols.
• Expertise in vulnerability discovery, design reviews, and code-level security reviews.
• Knowledge of CWE Top 25 and general security engineering principles.
• Must be based in the San Francisco area to comply with the hybrid work requirement (3+ days in office).

Nice to have

• Direct professional experience in automotive cybersecurity or offensive security (red teaming/pentesting).
• Knowledge of embedded firmware, hardware security, TPMs, and HSMs.
• Familiarity with AWS cloud security and infrastructure-as-code.
• Experience implementing Defense in Depth strategies across diverse software and hardware stacks.
• Contributions to the security industry via open source, papers, or conference presentations.

Culture & Benefits

• Competitive base salary, annual bonus, and equity compensation.
• Hybrid work environment emphasizing in-person collaboration and empathy.
• Values-driven culture based on integrity, high goals, and a "no jerks" policy.
• Strong organizational commitment to safety and inclusion.