Senior Platform Engineer (Security)

TL;DR

Senior Platform Engineer (Security): Operating, securing, and hardening cloud infrastructure built on OpenStack and Ceph with an accent on Linux security baselines and vulnerability remediation. Focus on implementing CIS Benchmarks, managing infrastructure-layer vulnerabilities, and leading technical contributions for ISO 27001 audits.

Location: Washington D.C, Sarasota, Miami, New York City (USA) or Toronto (Canada)

Salary: $165,000 - $205,000 USD (USA) / $122,000 - $158,000 CAD (Canada)

Company

hirify.global is a freedom-first technology platform providing video services, cloud infrastructure, advertising solutions, and cryptocurrency wallets.

What you will do

• Implement and maintain security hardening (CIS Benchmarks, STIGs) across Linux hosts and the cloud control plane using Ansible and Terraform.
• Remediate vulnerabilities within the infrastructure layer, specifically targeting OpenStack, Ceph, and Kubernetes.
• Collaborate with DevSecOps engineers to align platform hardening with SSDLC practices.
• Lead technical evidence collection, control narratives, and responses for internal and external ISO 27001 audits.
• Improve core platform services on Linux, contributing to automation, capacity planning, and reliability engineering.
• Design security-centric logging, monitoring, and alerting systems in coordination with SRE and security teams.

Requirements

• Strong Linux systems engineering background (systemd, networking, storage, package management).
• Hands-on experience applying security hardening standards like CIS Benchmarks or STIGs at production scale.
• Expertise in vulnerability management (CVSS scoring) and Linux security controls (SELinux, AppArmor, auditd).
• Proficiency in infrastructure automation using Ansible, Terraform, and scripting in Bash or Python.
• Experience supporting compliance audits, including control documentation and evidence collection.
• Solid understanding of identity and authentication concepts (SSO, OAuth2/OIDC).

Nice to have

• Security certifications such as CISSP, CISM, CCSP, GSEC, GCIH, or Security+.
• Experience supporting ISO 27001, SOC 2, PCI DSS, or FedRAMP audits.
• Familiarity with OpenStack services (Nova, Neutron, Keystone, Cinder) and Ceph.
• Knowledge of Kubernetes security, including CIS Kubernetes Benchmarks and Pod Security Standards.
• Experience with SIEM/EDR tools, Vault secrets management, and disk encryption (LUKS).

Culture & Benefits

• Competitive base salary, benefits, and equity packages.
• Work environment focused on challenging the status quo and competing against Big Tech.
• Fast-paced culture that encourages trying new things and rapid execution.
• Opportunity to make a significant impact for a large video creator community.