Security Engineer Intern
Job description
TL;DR
Security Engineer Intern (Security/DevSecOps): Design, build, and automate security controls and guardrails for a healthcare AI platform, with an emphasis on cloud security posture, detection engineering, and secure-by-default developer workflows. Focus on implementing measurable security improvements, creating response playbooks and runbooks, and partnering with Security, Infrastructure, and Product Engineering to validate and close findings.
Company
is a healthcare AI platform used by health systems, hospitals, and payers to improve care quality and productivity.
What you will do
- Build and automate security controls and guardrails (e.g., IaC policy checks, least-privilege baselines, automated secrets detection in CI/CD).
- Create or tune detections and response playbooks for key risks, validate via simulation, and document runbooks.
- Contribute to secure-by-default developer workflows (e.g., pre-commit hooks, SAST/DAST pipelines, dependency scanning) and help triage findings to closure.
- Implement measurable improvements to cloud security posture (e.g., misconfiguration checks, logging/telemetry coverage, tagging/ownership hygiene).
- Write clear documentation and operational SOPs with measurable acceptance criteria; support security reviews for low-to-medium risk changes.
Requirements
- Coursework or project experience in security engineering, cloud, or DevSecOps; comfortable reading code and automating with at least one language (Python, Go, or similar).
- Familiarity with security domains such as cloud security (GCP/AWS/Azure), identity and access management, CI/CD security, and container/Kubernetes basics.
- Ability to automate, measure outcomes, and keep systems better documented than found.
- Strong communication skills; ability to turn ambiguous problems into a small, shippable plan with milestones.
Nice to have
- Hands-on with infrastructure-as-code (Terraform), policy-as-code (OPA/Conftest), and CI systems (GitHub Actions, GitLab, or similar).
- Experience with log pipelines and SIEM/analytics tools; basic detection authoring.
- Familiarity with secure software development practices and OWASP Top 10.
- Exposure to healthcare, regulated environments, or privacy-centric design.
Culture & Benefits
- Hybrid work: Bay Area–based employees must be in the San Mateo office at least three days a week.
- Remote employees may travel occasionally to headquarters for company-wide events and onsite gatherings.
- Hourly compensation: $30–$50 per hour (varies by work location and experience).
- Regular exempt full-time employees may be eligible for stock options and Medical/Dental/Vision coverage with employer premium contributions, plus optional Health Savings Account with employer match and company-paid disability and life insurance.
Hiring process
- Recruiter outreach uses @health.com email addresses; interviews are not conducted via text/instant message.
- Assessment support is available if technical issues occur during application or assessment.
Location: San Mateo, CA (Hybrid; Bay Area employees in San Mateo office at least three days/week; remote employees may travel occasionally to headquarters)
Salary: $30–$50 per hour