Staff Security & Compliance Engineer
Job description
TL;DR
Staff Security & Compliance Engineer (Cybersecurity): Strengthening ’s security posture through security operations and advanced threat detection, with an emphasis on security incident management, triage, and investigations. Focus on designing, implementing, and optimizing detection logic to identify sophisticated threats across the environment.
Location: Remote - Australia
Company
is a data engine for IT and Security, trusted by many of the biggest names in the most demanding industries to solve their most pressing data needs.
What you will do
- Monitor security events and alerting via security tooling to identify and triage potential threats.
- Design, develop, implement, and maintain high-fidelity detection rules and alerts within SIEM and other security platforms.
- Act as a security incident response lead, improving detection capabilities during investigations.
- Conduct security assessments of corporate assets through vulnerability testing, threat hunts, and purple team activities.
- Collaborate with threat intelligence teams to integrate new indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs) into detection strategies.
- Partner cross-functionally with Product Security, IT, and Legal teams to strengthen overall security posture.
Requirements
- Knowledge of and experience with modern security principles and tooling (e.g. SIEM, security data lakes, detections as code, EDR, zero trust networking), as well as demonstrated experience with incident response and management.
- Strong understanding of common attack frameworks (e.g., MITRE ATT&CK) and how to map detections to TTPs.
- Understanding of authentication and authorization schemes such as SAML, OpenID, OAuth2, and SCIM.
- Experience scripting/coding in at least one of the following languages: Python, NodeJS, Ruby, Bash.
- Proven ability to act as a technical subject matter expert on security, compliance, and assurance topics.
- We are a remote-first company and work happens across many time-zones – you may be required to occasionally perform duties outside your standard working hours.
Nice to have
- Experience with SIEM platforms such as Panther and their detection capabilities.
- Familiarity with Wiz and cloud native security tooling for detection in AWS, Azure, or GCP.
- Relevant certifications in cloud security or incident response (e.g., SANS GIAC certifications).
- Proven experience in developing, deploying, and maintaining detection rules (e.g., Sigma, YARA, Splunk SPL, KQL) across various security platforms.
Culture & Benefits
- Remote-first company that empowers employees to do their best work, wherever they are.
- Collaborative, curious, and motivated team members who are passionate about putting customers first.
- Opportunity to evolve and champion the use of products in the security tech stack to enhance detection, analysis, and response capabilities.
- Diversity drives innovation, enables better decisions to support our customers, and inspires change for the better.