Cybersecurity Engineer (Product Security)

TL;DR

Cybersecurity Engineer (Product Security): Designing and securing next-generation sensor platforms and software ecosystems with an accent on secure architecture, threat modeling, and compliance. Focus on integrating security into the SDLC, performing risk assessments for mission-critical defense technologies, and ensuring RMF/ATO authorization.

Location: Onsite in San Francisco, CA

Salary: $110,000 - $190,000

Company

hirify.global is a defense technology company redefining modern defense with a multi-product portfolio powered by Coherent Distributed Networks (CDN™).

What you will do

• Design and implement secure software and hardware architectures for mission-critical platforms and supporting infrastructure.
• Lead threat modeling exercises and conduct cybersecurity risk assessments for products and operational environments.
• Partner with engineering teams to integrate security requirements throughout the SDLC, performing code reviews and vulnerability remediation.
• Support cybersecurity compliance initiatives and product authorization efforts including RMF, ATO, and export control requirements.
• Collaborate with cross-functional teams (Software, Embedded, Hardware, DevOps) to balance security, performance, and operational needs.
• Coordinate security testing activities, including vulnerability assessments, penetration testing, and system hardening.

Requirements

• 5+ years of experience in cybersecurity engineering, product security, or application security.
• Must be a U.S. Citizen eligible for government facilities and sensitive information.
• Hands-on experience conducting threat modeling and cybersecurity risk assessments.
• Knowledge of secure software development lifecycle (SSDLC) practices and application security concepts.
• Familiarity with frameworks and compliance standards: RMF, NIST 800-53, NIST 800-171, CMMC, and DFARS.
• Ability to obtain security clearances as required by contract.

Nice to have

• Active Security Clearance.
• Experience securing embedded systems, sensor platforms, or edge computing technologies.
• Familiarity with ITAR and EAR export control requirements.
• Knowledge of TPM, secure boot, cryptographic hardware, or supply chain security.
• Experience with scripting or automation using Python, PowerShell, or Bash.
• Security certifications such as CISSP, CSSLP, GSEC, or Security+.

Culture & Benefits

• Medical, dental, and vision benefits 100% paid by the company.
• 401k with 50% company match up to 6% of pay, plus FSA and HSA.
• Unlimited PTO and "No meeting Fridays".
• Free daily lunch and casual dress code.
• Competitive base salary and generous pre-IPO stock option grants.
• Relocation assistance provided.