Hiive
Financial Technology
SeniorSecurityEngineer
Neural analysis suggests this role is
optimal for Senior candidates.
“Senior Security Engineer at Hiive. Skills: Vulnerability management, Application security, AI security, Cloud security. Own vulnerability management end-to-end. Be security partner for AI adoption”
What You'll Achieve.
Ensure AI adoption happens without opening new attack surface or leaking sensitive data; Keep patching, scanning, and remediation cycles ahead of industry curve; Respond quickly when new CVEs drop or coordinated disclosure waves hit
Industry & Context.
Prioritizing exploitable vulnerabilities over raw severity; Validating real-world exposure before remediation effort is spent
What They're Looking For.
Must Have
3+ years of hands-on security experience spanning vulnerability management, application security, or penetration testing, Operating proficiency with SAST, SCA, DAST, and external reconnaissance tooling, Hands-on cloud security in AWS, with working knowledge of Kubernetes and container security, Working knowledge of CI/CD pipelines and where security gates fit in the development workflow, Familiarity with dependency management, SBOM generation, and software supply chain risks, Willingness to use AI tools daily — coding agents, LLM-based scanners — and learn fast as the tooling evolves, Clear communication: you can translate vulnerability data and AI risk into language non-technical stakeholders can act on
Nice to Have
Experience evaluating or securing AI/ML tools in an enterprise setting, including vendor assessments, data classification for AI inputs, or writing AI acceptable use policies, CISSP or OSCP certification, CEH certification, Familiarity with AI-specific risks: prompt injection, excessive agency, agentic supply chain threats (OWASP LLM Top 10, OWASP Agentic Top 10), Experience with LLM-based security tools or autonomous vulnerability discovery, Background in cloud security posture management or infrastructure-as-code security, Familiarity with NIST CSF, MITRE ATT&CK/ATLAS, or SOC 2 compliance, Prior work on a small, high-autonomy security team where you wore multiple hats
What You'll Do.
Own vulnerability management end-to-end
Be security partner for AI adoption
remediation ahead of curve
Triage and coordinate vulnerability remediation
Tune existing security stack
Integrate LLM-based code review into CI/CD
Act as security point of contact for AI tools
Define and maintain guardrails for enterprise AI use
Own vendor security review process
Run internal penetration testing
Support incident response
Maintain asset inventory and SBOMs
Report vulnerability posture metrics
How You'll Work.
Team & Collaboration
Security partner for every department adopting AI; Work with product team; Collaborate with engineering, product, operations, finance; Report vulnerability posture metrics to CISO
Communication Scope
Clear communication; Translate vulnerability data and AI risk into language non-technical stakeholders can act on
Full Job Description
Hiive is redefining how private companies and their shareholders access liquidity. Through its institutional-grade platform, Hiive brings together buyers, sellers, and issuers to facilitate secondary transactions in venture-backed, pre-IPO companies, introducing efficiency, transparency, and standardization to an otherwise opaque asset class. Recognized as one of Canada’s fastest-growing companies and backed by leading U.S. investors, Hiive is profitable, well-capitalized, and building a high-performance team to meet growing demand and pursue new market opportunities. Interested in learning more about life at Hiive? Check out our careers page https://www.hiive.com/careers to see how you can grow with us! As a Senior Information Security Engineer at Hiive, you'll own vulnerability management end-to-end on a three-person security team and be the security partner for every department adopting AI. Teams across the company — engineering, product, operations, finance — are rolling out AI tools and agents at an accelerating pace, and you'll make sure that happens without opening new attack surface or leaking sensitive data. You'll also keep our patching, scanning, and remediation cycles ahead of an industry curve where time-to-exploitation has collapsed from months to hours. In this role, your responsibilities would include: - Triaging and coordinating remediation of vulnerabilities across SAST, SCA, DAST, CSPM, external reconnaissance, security advisories, and external bug reports on a defined SLA. - Tuning the existing security stack, reducing noise, and prioritizing exploitable vulnerabilities over raw severity — validating real-world exposure before remediation effort is spent. - Integrating LLM-based code review into the CI/CD pipeline so every change — human-written or AI-generated — gets a security review before merge. - Acting as the security point of contact for any department adopting AI tools, agents, MCP integrations, or custom AI/ML pipelines: reviewing propos
Applying for this Senior Security Engineer role?
Most applicants get filtered before a human reads their resume. See if yours makes the cut.
How to Apply on Ashby
- Ashby is a fast modern ATS — most applications take under 3 minutes.
- The resume parser is strong; verify parsed experience dates and job titles.
- Custom screening questions are often scored algorithmically — answer completely.
- Location field affects geo-based screening; use your actual metro area.
ANONYMOUS · UNFILTERED
What do employees actually say about Hiive?
Real rants from real employees. Read before you apply.