Senior Cyber-Security Operations Analyst (Product AppSec)

TL;DR

Senior Cyber-Security Operations Analyst (Product AppSec): Design, build, and scale secure enterprise development and QA environments across Azure-based software delivery ecosystems with an accent on Azure DevOps CI/CD architecture and embedding security throughout the SDLC. Focus on implementing secure-by-design workflows, automating secure provisioning via IaC, and troubleshooting pipeline and environment reliability while supporting vulnerability remediation.

Location: United States (US citizens only)

Salary: $121,400 — $225,300 USD (Zone 4: All other US locations)

Company

hirify.global provides data and AI trust solutions focused on securing and ensuring resilience of data and AI.

What you will do

• Design and enhance Azure DevOps platform capabilities, including reusable CI/CD templates, pipeline standards, and developer enablement tooling.
• Build and optimize secure CI/CD pipelines with security scanning, secrets management, artifact validation, and policy enforcement.
• Build and support scalable development and QA environments, improving provisioning, configuration management, and deployment automation.
• Implement and maintain infrastructure-as-code solutions using Terraform, Ansible, and PowerShell across Azure cloud environments.
• Embed secure-by-design principles into SDLC workflows and support vulnerability remediation with Product Security and Infrastructure teams.
• Monitor CI/CD platform health, troubleshoot pipeline failures and deployment/environment issues, and mentor junior engineers on DevSecOps practices.

Requirements

• US citizenship required due to highly sensitive data and support for federal customers (security clearance not required, but may be requested in the future).
• 8+ years of experience in DevSecOps, DevOps, Platform Engineering, or Build Engineering.
• Hands-on experience with Azure DevOps and CI/CD pipeline engineering/build and release automation.
• Experience with Terraform, Docker, Kubernetes, Git, PowerShell, Python, and Bash.
• Strong understanding of DevSecOps practices, secure SDLC, IaC, and cloud security.
• Experience with software supply chain security frameworks (SLSA, NIST SSDF, OWASP SCVS) and a Bachelor’s degree in CS/Engineering or equivalent experience.

Nice to have

• Experience implementing agentic AI engineering and development solutions.
• Relevant certifications (e.g., Azure DevOps Engineer Expert, CDP, GCSA, CCSP, CKS, HashiCorp Terraform Associate).
• Experience in regulated or compliance-driven environments.
• Familiarity with policy enforcement workflows, artifact repositories, and secrets management platforms.

Culture & Benefits

• Unlimited paid time off, 12 paid holidays, and 24 paid volunteer hours annually.
• Paid parental leave (8 weeks for all parents; 16 weeks for birthing parents).
• Medical, dental, and vision coverage starting on the first day, plus mental health support and therapy sessions.
• 401(k) retirement plan with company matching contributions.
• Tax-advantaged spending accounts for healthcare, dependent care, and commuting.
• Learning and growth via on-demand libraries, mentoring, workshops, and an annual Global Day of Learning.

Hiring process

• Application review followed by interviews to assess DevSecOps/CI-CD and secure SDLC experience.
• Evaluation of hands-on experience with Azure DevOps, IaC, and security scanning/policy enforcement.
• Final discussions focused on fit for secure-by-design operations and collaboration across Engineering, QA, Release Engineering, Platform Engineering, and Product Security.