Назад
Company hidden
3 дня назад

Senior Application Security Engineer (AI)

Формат работы
remote (только United_states)
Тип работы
fulltime
Грейд
senior
Английский
b2
Страна
US/Argentina/Chile +4 еще
Вакансия из списка Hirify.GlobalВакансия из Hirify Global, списка международных tech-компаний
Для мэтча и отклика нужен Plus

Мэтч & Сопровод

Для мэтча с этой вакансией нужен Plus

Описание вакансии

Текст:
/

TL;DR

Senior Application Security Engineer (AI): Building and enforcing security strategies within the SDLC for a hospitality-focused AI platform with an accent on DevSecOps automation, cloud-native security, and developer enablement. Focus on integrating security tooling into CI/CD pipelines, managing vulnerability remediation, and partnering with engineering teams to ensure secure design at scale.

Location: Must be based in the United States or LATAM

Company

hirify.global provides a modern, AI-powered software platform for the hospitality industry, trusted by over 20,000 hoteliers globally.

What you will do

  • Define and enforce secure coding practices, dependency management, and design reviews across engineering teams.
  • Integrate and manage SAST, DAST, and SCA tools within CI/CD pipelines.
  • Partner with developers to identify security risks early in the software development lifecycle.
  • Implement secrets management, API authentication, and data protection best practices.
  • Triage and prioritize findings from bug bounties, penetration tests, and automated scans.
  • Automate evidence gathering and control enforcement for compliance frameworks like SOC 2 and ISO 27001.

Requirements

  • 6+ years of experience in security engineering, DevSecOps, or related roles.
  • Strong experience integrating security into modern SDLC pipelines.
  • Hands-on experience with AppSec tooling such as Snyk, OWASP ZAP, Burp Suite, or SonarQube.
  • Strong programming skills in Python, Go, or JavaScript.
  • Solid understanding of AWS security (IAM, KMS, Security Hub) and Kubernetes security (RBAC, OPA).
  • Must be based in the United States or LATAM.

Nice to have

  • Experience with Terraform, Helm, and GitOps practices.
  • Knowledge of container security tools like Trivy, Falco, or Aqua.
  • Experience with cloud-native security best practices and networking.

Culture & Benefits

  • Fully remote engineering team with a global culture.
  • Canary Days: Monthly company-wide days off to ensure work-life balance.
  • Self-Improvement Club: Monthly budget for personal goal-related purchases.
  • Travel Reimbursement: Stipends for visiting offices in New York, San Francisco, or Dallas.
  • Personal Travel Reimbursement: Credits for stays at partner hotels.

Будьте осторожны: если работодатель просит войти в их систему, используя iCloud/Google, прислать код/пароль, запустить код/ПО, не делайте этого - это мошенники. Обязательно жмите "Пожаловаться" или пишите в поддержку. Подробнее в гайде →