Expert Security Engineer (Cybersecurity)

TL;DR

Expert Security Engineer (Cybersecurity): Leading proactive security efforts through ethical hacking and penetration testing of critical healthcare applications and infrastructure with an accent on vulnerability identification and exploitation. Focus on conducting in-depth security reviews, articulating complex technical risks to stakeholders, and providing expert guidance on secure design principles.

Location: Must be based in the US or Canada

Salary: $100,000 - $120,000 USD

Company

hirify.global delivers innovative health IT solutions that support caregivers and elevate care delivery across the globe.

What you will do

• Lead and execute advanced penetration tests against critical systems, applications, and networks.
• Conduct in-depth security reviews of applications to uncover design flaws and coding vulnerabilities.
• Independently identify, validate, and exploit security vulnerabilities to assess potential impact.
• Clearly articulate technical findings and remediation strategies to both technical and non-technical stakeholders.
• Provide expert consultation to development and operational units on secure design and best practices.
• Maintain awareness of current attack vectors and proactively recommend mitigation techniques.

Requirements

• Must be based in the US or Canada
• Minimum 5 years of experience in cybersecurity, with at least 3 years dedicated to ethical hacking and penetration testing.
• Proven expertise in network, web application, API, and cloud penetration testing.
• Deep understanding of application security principles, secure coding practices, and OWASP Top 10.
• Demonstrated ability to independently identify and exploit vulnerabilities with high fidelity.
• Strong presentation skills for conveying security insights to customers and internal teams.
• Experience with cloud security assessments, specifically Microsoft Azure.

Nice to have

• Experience with Python or PowerShell for automation.
• Relevant offensive security certifications such as OSCP, OSWE, GPEN, or GWAPT.
• Industry certifications like CISSP, CompTIA Security+, or CySA+.
• Expert knowledge of Linux and Windows operating systems.

Culture & Benefits

• Opportunity to work at the intersection of technology and healthcare.
• Collaborative environment focused on proactive security and innovation.
• Engagement with diverse technical and non-technical stakeholders.
• Focus on professional growth and security best practices.