Назад
Company hidden
4 дня назад

Sr Product Security Engineer

Тип работы
fulltime
Грейд
senior
Английский
b2
Страна
Brazil
Вакансия из списка Hirify.GlobalВакансия из Hirify Global, списка международных tech-компаний
Для мэтча и отклика нужен Plus

Мэтч & Сопровод

Для мэтча с этой вакансией нужен Plus

Описание вакансии

Текст:
/

TL;DR

Sr Product Security Engineer: Contributing to the Product Security team by reducing security friction across engineering through devsecops integration, automation, vulnerability identification, and remediation. Focus on owning SAST, DAST, SCA, and CNAPP integration in CI/CD pipelines and building agentic security tooling (including LLM-assisted workflows) across the SDLC.

Location: Brazil

Company

hirify.global builds a platform for intentional living, connecting people with fitness, wellness, and other experiences.

What you will do

  • Partner with software engineering and platform teams to identify and solve complex security problems.
  • Operate, integrate, and continuously tune SAST, DAST, SCA, and CNAPP tooling within pipelines, triaging findings, driving remediation, and measuring coverage and effectiveness.
  • Design, build, and maintain agentic security tools, including LLM-assisted workflows for exploitable code identification, vulnerability triage, and remediation guidance across planning, development, testing, and production.
  • Identify security gaps and provide strategic remediation recommendations across the secure SDLC.
  • Facilitate continuous security testing, measurability, and reporting on the impact of security initiatives.

Requirements

  • 4+ years of experience across multiple security domains with an emphasis on product security and cloud-native security.
  • 2+ years of senior security experience leading and executing product security initiatives (e.g., devsecops, security consulting, penetration testing).
  • Hands-on experience operating and integrating SAST, DAST, SCA, WAF, and CNAPP solutions within CI/CD pipelines.
  • Proficiency in modern languages (Python, .NET, or TypeScript preferred) with experience building security automation, integrations, and agentic tooling.
  • Experience securing public cloud-based applications and infrastructure, including Docker and Kubernetes environments.
  • Comfort being hired under a CLT employment arrangement (Brazil).

Culture & Benefits

  • Work with a dedicated Product Security engineering team focused on safeguarding software products.
  • Emphasis on collaboration across engineering and security champions.
  • Continuous improvement mindset to strengthen security posture and reduce security friction.
  • Opportunity to build and scale security tooling across all phases of the SDLC.

Будьте осторожны: если работодатель просит войти в их систему, используя iCloud/Google, прислать код/пароль, запустить код/ПО, не делайте этого - это мошенники. Обязательно жмите "Пожаловаться" или пишите в поддержку. Подробнее в гайде →