Security Engineer (Microsoft Azure)

TL;DR

Security Engineer (Microsoft Azure): Implementing strategic security solutions and automation to protect hirify.global's environment, focusing on DevSecOps practices, policy-based controls, and incident response. Focus on securing Microsoft Azure environments, CI/CD pipelines, and performing offensive security testing.

Location: Must have appropriate rights and documentation for employment in Malaysia

Company

hirify.global is a leading global provider of margin and deliverable Foreign Exchange, Contracts for Difference (CFDs), and Financial Spread betting services.

What you will do

• Operate as a core member of the Security team and act as a subject matter expert.
• Investigate security incidents and provide essential information to key control points.
• Drive improvements in threat intelligence capabilities aligned to industry best practice.
• Research security trends, identify requirements, evaluate, and support deployment of multi-regional security solutions.
• Review and improve the effectiveness of security controls.
• Play a key role in designing, piloting, and deploying new security solutions across multivendor cloud environments.
• Take a leading role in specific security projects, ensuring high-standard delivery.

Requirements

• Strong hands-on experience securing Microsoft Azure environments.
• Expertise in Microsoft Defender for Cloud (secure score, recommendations, workload protection).
• Secure configuration and hardening of Azure Storage, VMs, Key Vault, and Networking (NSG, private access).
• Solid understanding of the Azure shared responsibility model.
• Experience with Defender for Endpoint and Defender for Identity, including alert triage, investigation, and tuning using KQL.
• Practical incident response experience (containment, RCA).
• Experience securing Azure DevOps CI/CD pipelines, managing service connections, identities, secrets, and integrating security into pipelines (SAST, DAST, SCA).
• Hands-on web, API, and cloud security testing.
• Strong knowledge of OWASP Top 10 & OWASP API Top 10.
• Attacker mindset with ability to design preventive controls.

Nice to have

• Red/Purple team exposure, MITRE ATT&CK.
• Scripting (PowerShell / Python).
• WAF & API security (Akamai, Azure Front Door, Cloudflare).
• ISO 27001 / SOC 2 support.
• Security automation (Azure Logic Apps / Functions).

Culture & Benefits

• Competitive and attractive compensation.
• Extensive learning opportunities, professional training & certifications, and soft skills development.
• Health and life insurance for employees along with 2 dependents.
• Generous time off, including 20 days of annual leave (incremental up to 25 days) and paid sick leave.
• Team-building experiences and corporate parties.

Hiring process

• Talent Acquisition Interview (45 minutes).
• Hiring Team Interview (45 minutes).
• Final Interview (30 minutes).