Infrastructure Vulnerability Management Engineer (Cloud Security)

TL;DR

Infrastructure Vulnerability Management Engineer (Cloud Security): Designing and managing the vulnerability lifecycle across multi-cloud environments and containers with an accent on Cloud Security Posture Management (CSPM) and Infrastructure-as-Code (IaC) security. Focus on automating scanning pipelines, ensuring regulatory compliance (SOC 2, ISO 27001), and implementing real-time cloud countermeasures during security incidents.

Location: Hybrid: Must be based in Foster City, CA (In-office requirement: Monday, Wednesday, Friday)

Salary: $210,000 – $270,000 + Equity

Company

hirify.global is an agentic software creation platform that enables anyone to build applications using natural language.

What you will do

• Perform continuous security scanning and triage of cloud workloads based on CVSS and real-world exploitability.
• Own and optimize CSPM, KSPM, and DSPM tools to maintain hardened baselines and prevent data leakage.
• Embed automated IaC security scanning into CI/CD pipelines to identify architectural risks before deployment.
• Manage the vulnerability lifecycle for container images and VMs in collaboration with SRE and Platform teams.
• Ensure compliance with SOC 2, ISO 27001, and PCI-DSS, maintaining audit-ready evidence.
• Act as a technical responder during security incidents, deploying cloud and network countermeasures.

Requirements

• 5 years of experience in Cloud Security, DevSecOps, or Systems Engineering.
• Strong expertise in multi-cloud environments, specifically deep GCP experience preferred.
• Hands-on experience with security platforms like Wiz, Orca, Prisma Cloud, or Lacework.
• Proficiency with Terraform, Pulumi, and GitOps workflows.
• Deep understanding of Docker and Kubernetes security (GKE, EKS), including network policies.
• Knowledge of security compliance frameworks (SOC 2, ISO 27001, CIS Benchmarks, NIST).

Culture & Benefits

• Competitive salary and equity.
• 401(k) program with a 4% match (US Only).
• Comprehensive health, dental, vision, and life insurance.
• Flexible Time Off (FTO), paid parental, medical, and caregiver leave.
• Monthly wellness stipend and in-office perks including set-up reimbursement.
• Autonomous work environment with quarterly team gatherings.