Назад
Company hidden
10 часов назад

Staff Application Security Engineer (AI)

114 000 - 240 000$
Формат работы
remote (только USA)
Тип работы
fulltime
Грейд
senior
Английский
b2
Страна
US
Вакансия из списка Hirify.GlobalВакансия из Hirify Global, списка международных tech-компаний
Для мэтча и отклика нужен Plus

Мэтч & Сопровод

Для мэтча с этой вакансией нужен Plus

Описание вакансии

Текст:
/

TL;DR

Staff Application Security Engineer (AppSec/AI): Defining and driving the application and product security architecture for a cloud-native SaaS platform with an accent on secure SDLC, shift-left automation, and AI/agentic technologies. Focus on establishing security guardrails for LLMs, leading complex threat modeling, and developing novel defense techniques against AI-layer attacks.

Location: Must be based in the United States

Salary: $114,000 - $240,000 USD

Company

hirify.global is an SAP company providing a cloud-native Context Intelligence Platform that harmonizes and governs enterprise data for AI agents and systems.

What you will do

  • Define and drive the overall application security architecture, vision, and roadmap across the SaaS platform.
  • Embed security throughout the SDLC by implementing secure coding standards and shift-left automation.
  • Design and operationalize security controls (SAST, SCA, DAST) within CI/CD pipelines.
  • Lead threat modeling and technical risk assessments for complex, high-impact systems.
  • Establish AI security guardrails for LLMs and agentic workflows, including Model Context Protocol (MCP) security.
  • Perform penetration testing on applications, APIs, and AI layers to validate control effectiveness.

Requirements

  • 8+ years of experience in application security or software development within cloud-native or SaaS environments.
  • Strong expertise in OWASP Top 10 and OWASP API Top 10 vulnerabilities and prevention strategies.
  • Hands-on experience with Java, Spring Boot, Node.js, or C# and modern UI frameworks.
  • Experience with AWS, GCP, or Azure, and securing Kubernetes/containerized environments.
  • Proficiency with Burp Suite Pro and application security platforms (Wiz preferred).
  • Must be based in the United States.

Nice to have

  • Experience securing LLM applications and agentic guardrail frameworks (e.g., NeMo, AWS Bedrock).
  • Experience building AppSec automation or using orchestration tools like DefectDojo.
  • Knowledge of industry frameworks such as SOC 2, HITRUST, or ISO 27001.
  • Experience applying ML/AI techniques to enhance security detection and risk prioritization.

Culture & Benefits

  • Flexible work arrangements based on a distributed workforce model.
  • Collaborative environment driven by values of "Customer First" and "Better Together".
  • Opportunity to work with unrivaled technology enabling digital transformation via connected data.
  • Inclusive workplace committed to equal employment opportunity.

Будьте осторожны: если работодатель просит войти в их систему, используя iCloud/Google, прислать код/пароль, запустить код/ПО, не делайте этого - это мошенники. Обязательно жмите "Пожаловаться" или пишите в поддержку. Подробнее в гайде →