Product Security Engineer II (Cybersecurity)

TL;DR

Product Security Engineer II (Cybersecurity): Developing security guardrails and AI-accelerated patterns to ensure secure-by-default software development with an accent on vulnerability management and developer enablement. Focus on building scalable security tooling, performing threat modeling, and remediating risks across cloud-native environments.

Location: Hybrid (Amsterdam, Netherlands) - Office attendance required 3 times a week

Company

hirify.global is a technology-driven global trade platform aimed at making global commerce easier and more accessible for companies of all sizes.

What you will do

• Build guardrails and AI-accelerated patterns to make secure-by-default the path of least resistance for developers.
• Develop and maintain scalable security tooling and automation for product security.
• Conduct threat modeling, design reviews, and code reviews to balance risk against velocity.
• Triage and validate bug bounty submissions and internal security reports, reducing SAST and vulnerability scanner noise.
• Create actionable security patterns, runbooks, and documentation to scale team practices.
• Monitor emerging threats and integrate new web and cloud security findings into product discussions.

Requirements

• 2–5 years of experience in product/application security or security-focused software development.
• Strong grasp of web application security principles and OWASP Top 10.
• Proficiency with application testing tools such as Burp Suite, OWASP ZAP, or browser developer tools.
• Working knowledge of at least one modern language (Ruby, Java/Kotlin, TypeScript/JavaScript, Python) and a major cloud provider (AWS, GCP, Azure).
• Hands-on experience with SAST tools like Cycode, Semgrep, or Snyk.
• Must be based in or be able to work from the Amsterdam office 3 times a week.

Nice to have

• Hands-on experience with bug bounty platforms.
• Expertise in cloud infrastructure security and container technologies.
• Participation in CTF events or open-source security projects.
• Familiarity with threat modeling frameworks and secure SDLC best practices.

Culture & Benefits

• Daily catered lunches, breakfast, snacks, and soft drinks in the office.
• Full payment of monthly health insurance premiums.
• Equity program providing every team member with a direct stake in company growth.
• Defined pension contribution scheme and coverage for home-office commuting costs for those living outside Amsterdam.
• 25 working days of vacation and comprehensive parental leave benefits.
• Access to frontier AI models and latest hardware/software.