Senior Engineer, Security

TL;DR

Senior Engineer, Security: Lead the design, implementation, and maintenance of security strategies and solutions to protect systems, networks, applications, and customers with an accent on cloud, application, and DevSecOps security. Focus on vulnerability assessments, SDLC security integration, incident response and post-incident remediation, and mentoring security engineers to strengthen hirify.global’s security posture.

Location: Chicago, IL (hybrid — work from the Chicago office once a week on Tuesdays). Local candidates preferred; fully remote candidates within the US are considered for the right fit.

Company

hirify.global is the online marketplace for buying and selling new, used, and vintage musical instruments.

What you will do

• Design, implement, and maintain comprehensive security strategies for networks, systems, and applications.
• Perform security assessments to identify vulnerabilities and weaknesses across infrastructure and applications.
• Develop and enforce security policies and standards across the organization.
• Partner with development and operations to integrate security into the SDLC (DevSecOps).
• Lead incident response, run post-incident analysis, and implement corrective actions.
• Evaluate and select security technologies and tools; mentor junior security engineers.

Requirements

• Extensive experience in a relevant security domain with deep knowledge in at least one: Cloud Security, Application Security, DevSecOps, or Corporate Security.
• Hands-on experience with security frameworks and controls such as OWASP Top 10, CIS Controls, and NIST CSF.
• Hands-on experience with security tools such as EDR/XDR, WAF, SIEM, SAST/DAST, DLP, PAM, SOAR, and CASB.
• Proficiency in scripting/programming languages (e.g., Python, Java, Bash, Ruby, Node) to automate security tasks and assess vulnerabilities.
• Strong problem-solving and critical thinking under pressure, plus excellent communication skills.
• Proven track record leading security initiatives and driving projects to completion.

Culture & Benefits

• Hybrid schedule: in-office once a week on Tuesdays for Chicago-based team members.
• Comprehensive total rewards including 100% paid medical, dental, and vision premiums for eligible employees and dependents.
• Matching 401(k), generous PTO (vacation, sick/mental health days, and paid holidays), and paid sabbatical program.
• Professional development support via mentoring, 1:1 coaching, and learning platforms (e.g., Skillsoft).
• 18 weeks of gender-neutral parental leave and an annual work/life stipend.

Hiring process

• Interviews to evaluate security expertise, collaboration, and problem-solving.
• Discussion of relevant security initiatives and how experience maps to hirify.global’s security posture.