Senior Manager - Security Risk Engineering (Cybersecurity)

TL;DR

Senior Manager - Security Risk Engineering (Cybersecurity): Evolving risk management from a compliance-driven model to an engineering-led risk intelligence capability with an accent on risk quantification and automation. Focus on building a second line of defense, automating third-party risk, and integrating AI into risk assessments.

Location: Must be based in the US (hiring across all US locations)

Company

hirify.global empowers creators to own their destiny by making first-party data accessible and actionable for personalized ecommerce experiences.

What you will do

• Lead the transition to an enterprise-wide risk framework covering operational, financial, and regulatory risks.
• Own the risk register and taxonomy, quantifying risk in financial terms for leadership decision-making.
• Build risk intelligence and automation capabilities using AI to surface live security posture data.
• Drive the risk scoring program and unlock third-party risk automation via a tiered vendor model.
• Operate as a second line of defense, providing independent oversight and challenging first-line delivery.
• Lead, mentor, and grow a team of risk engineers focusing on adversarial thinking and technical rigour.

Requirements

• 10+ years of experience in information security, cybersecurity, or technology risk within large or high-growth organizations.
• Proven experience in a second line of defense function within a Three/Four Lines of Defense model.
• Demonstrated leadership of security or risk teams with a track record of mentoring.
• Strong command of risk quantification and enterprise risk management beyond cybersecurity.
• Working knowledge of frameworks such as NIST, ISO 27001, SOC 2, and PCI DSS.
• Must be based in the United States.

Nice to have

• Experience evolving GRC models toward AI-enabled risk capabilities.
• Familiarity with AI governance, model risk, or responsible-AI programs.
• Technical skills in Python, SQL, and REST APIs for automated data pipelines.
• Hands-on experience in SecOps, AppSec, or Security Architecture.
• Professional certifications like CISSP, CISM, or CRISC.

Culture & Benefits

• Comprehensive health, welfare, and wellbeing benefits.
• Participation in the annual cash bonus plan and equity.
• Culture that values unique backgrounds and empowers individual creators.
• Collaborative environment with a focus on scaling and sustainable growth.