Company hidden
1 day ago

Senior Application Security Engineer (Cybersecurity)

Work format
hybrid
Employment type
fulltime
Grade
senior
English
b2
Country
UK/Ireland
Vacancy from Hirify Global, a list of international tech companies

Job description

TL;DR

Senior Application Security Engineer (Cybersecurity): Securing hirify.global 2.0, the operating system for the modern software supply chain, by embedding directly into engineering tribes with an emphasis on threat modeling, code reviews, and building security tooling. Focus on eliminating software supply chain threats, implementing multi-tenant isolation, and raising the security judgment of the engineering organization.

Location: Must be based in Ireland or the United Kingdom; right to work independently without sponsorship required.

Company

hirify.global is building the operating system for the modern software supply chain, providing a global SaaS platform for secure artifact distribution and governance.

What you will do

  • Embed within engineering tribes to participate in planning, design reviews, and code delivery.
  • Perform threat modeling for APIs, workers, data stores, and tenant boundaries.
  • Build and automate security tooling, paved roads, and libraries to simplify security for engineers.
  • Operate and tune security controls including SAST, DAST, SCA, and container scanning.
  • Triage and remediate vulnerabilities from internal testing and responsible disclosure.
  • Support technical control work for SOC 2, ISO 27001, and EU CRA frameworks.

Requirements

  • 5+ years of hands-on application security or equivalent software engineering experience.
  • Strong software engineering craft with a primary focus on Python.
  • Deep knowledge of OWASP Top 10, authn/authz design, and multi-tenant access control.
  • Experience with AWS (IAM, KMS, S3), Terraform, and CI/CD security.
  • Must be based in Ireland or the UK with existing right to work without sponsorship.

Nice to have

  • Experience securing artifact management, package registries, or supply chain security platforms.
  • Knowledge of OPA/Rego, eBPF, or secure runtime sandboxing.
  • Contributions to open-source security tooling or supply chain projects.
  • Certifications such as OSCP, CSSLP, GPEN, GWAPT, GCSA, or CISSP.

Culture & Benefits

  • Competitive compensation package including equity.
  • Comprehensive health, dental, and vision insurance.
  • Professional development budget for training, books, and conferences.
  • Remote-first environment with a Belfast HQ used for team events and planning.
  • Flexible working policies and generous annual leave to support a sustainable pace.

Be careful: if an employer asks you to log in to their system using iCloud/Google, send a code or password, or run code or software, do not do it; these are scammers. Be sure to click "Report" or write to support.