Senior Security Engineer (AppSec)

TL;DR

Senior Security Engineer (AppSec): Integrating and maturing enterprise application security tooling and vulnerability management across a modern software delivery environment with an accent on CI/CD pipeline security and developer enablement. Focus on building automated remediation workflows, driving scalable vulnerability management programs, and embedding security-by-design principles into cloud-native and AI-enabled products.

Location: Must be a US citizen and based in the United States

Compensation: $172,400 – $441,500 USD (Total Target Compensation based on geographic zone)

Company

hirify.global is a global leader in data resilience and security posture management, dedicated to securing data and AI for over 550,000 customers worldwide.

What you will do

• Deploy and optimize security tooling including SAST, DAST, SCA, IAST, and container scanning across CI/CD pipelines.
• Build automated workflows for vulnerability ingestion, prioritization, and remediation tracking using tools like Jira and SIEM.
• Drive enterprise vulnerability management initiatives, including SLA tracking and security posture dashboards.
• Embed security-by-design principles and policy-as-code capabilities into cloud and application environments.
• Partner with DevOps and platform teams to improve automated security validation and software supply chain security.
• Mentor engineers on secure development practices and serve as a senior technical advisor for product security.

Requirements

• Must be a US citizen due to the nature of federal customer support.
• 8+ years of experience in Application Security, Product Security, or DevSecOps.
• 3+ years of hands-on experience with SAST, DAST, SCA, and IAST tooling.
• 3+ years of experience in vulnerability management, risk scoring, and remediation coordination.
• Strong experience with Secure SDLC, threat modeling, and software supply chain security.
• Proficiency in scripting and automation using Python, Bash, or PowerShell.

Nice to have

• Experience in regulated or compliance-driven environments.
• Familiarity with AI/ML security risks and emerging practices.
• Relevant certifications such as CISSP, CISM, CSSLP, or cloud security certifications.
• Experience leading cross-functional security initiatives.

Culture & Benefits

• Unlimited paid time off plus 12 paid holidays and 24 volunteer hours annually.
• Comprehensive medical, dental, and vision coverage starting on day one.
• 401(k) retirement plan with company matching.
• Paid parental leave (8-16 weeks).
• Mental health support, therapy sessions, and digital wellness tools.
• Access to professional development resources like LinkedIn Learning and O'Reilly.