Staff Security Operations Engineer (GraphQL)

TL;DR

Staff Security Operations Engineer (GraphQL): Leading application security and security operations for a high-scale API platform with an accent on threat modeling, detection engineering, and secure SDLC integration. Focus on building automated security tooling, driving systemic risk reduction, and partnering with engineering teams to secure GraphQL-based architectures.

Location: Must be based in US time zones

Salary: $230,000 – $255,000 USD

Company

hirify.global provides the industry-standard platform for building and managing GraphQL APIs used by major global technology companies.

What you will do

• Partner with engineering teams to conduct threat modeling and security reviews for new features and architecture changes.
• Establish and evolve application security programs, including SAST/DAST tooling, dependency scanning, and secure coding standards.
• Drive security requirements into the SDLC and embed security gates into CI/CD pipelines.
• Advance detection and response strategies in partnership with engineering and IT leadership.
• Implement and maintain adherence to SOC 2 and other cloud security frameworks.
• Guide the secure adoption of AI across the organization and within product features.

Requirements

• 6+ years of experience in security engineering, spanning both application security and security operations.
• Deep expertise in detection and response within cloud-native environments.
• Strong foundation in AppSec practices including threat modeling, SAST/DAST, and secure SDLC.
• Proven ability to build and automate security tooling using scripting or programming languages.
• Must be based in US time zones.
• Strong knowledge of SOC 2, ISO 27001, or similar security frameworks.

Nice to have

• Experience with AI security in detection, incident response, or product contexts.
• Familiarity with Terraform, Kubernetes, or other modern infrastructure stacks.
• Hands-on experience securing GraphQL APIs, federation, or API gateway patterns.
• Experience with software supply chain security (SBOM, Sigstore).

Culture & Benefits

• Opportunity to work on technology used by the world's largest GraphQL platforms.
• High-impact, high-ownership role with influence over security culture.
• Collaborative environment with a focus on professional growth and challenging work.
• Lightweight and reasonable on-call rotation.