Sr Product Security Engineer (Cybersecurity)

TL;DR

Sr Product Security Engineer (Cybersecurity/AI): Building and operating a modern security tooling pipeline for a cybersecurity SaaS portfolio with an accent on SDLC security infrastructure and AI-first automation. Focus on integrating AI-powered security reviews, reducing false positives, and ensuring scalable security coverage without becoming a bottleneck.

Location: Remote (Canada or United States)

Company

hirify.global is a global identity security leader protecting Paths to Privilege™ through a cybersecurity SaaS portfolio.

What you will do

• Build and maintain the SDLC security pipeline using Claude Code Security, Codex Security, GitHub Advanced Security, and Wiz CLI.
• Design and operate automated security review workflows with human-in-the-loop checkpoints using LLM platforms.
• Integrate security tooling into GitHub PRs, CI/CD pipelines, and IDE plugins to optimize the developer experience.
• Leverage AI to automate code review triage, vulnerability detection, and fix suggestions.
• Support product incident response by investigating security issues and coordinating emergency fixes.
• Collaborate with Security Testers, Architects, and TPMs to translate secure design standards into pipeline policies.

Requirements

• 4+ years of experience in Application Security, Product Security, DevSecOps, or Security Engineering.
• Hands-on experience implementing and tuning SAST, DAST, SCA, and secret scanning in GitHub-integrated environments.
• Experience with AI-powered security tools such as Claude Code Security, Codex Security, or similar LLM-based platforms.
• Strong understanding of CI/CD pipeline architecture and automation (scripting, policy-as-code, webhooks).
• Familiarity with container security scanning (Wiz CLI, Trivy, Snyk) and AWS cloud fundamentals.
• Must be based in Canada or the United States.

Nice to have

• Experience with CodeQL custom queries and organization-wide GitHub Advanced Security rollout.
• Familiarity with policy-as-code frameworks like OPA/Rego or Kyverno.
• Background in securing endpoint technologies or identity systems.
• Experience building developer enablement programs or self-service security tooling.

Culture & Benefits

• Culture of flexibility, trust, and continual learning.
• Recognition for professional growth and individual impact on company success.
• Supportive environment with people who challenge and inspire one another.
• Strong commitment to diversity and inclusion as guiding core values.