Company hidden
13 hours ago

Detection Focused Senior Cloud Security Consultant (JAPAC)

Work format
remote (USA only)
Employment type
fulltime
Grade
senior
English
b2
Country
Australia

Job description


TL;DR

Detection Focused Senior Cloud Security Consultant (JAPAC): Conducting cloud security assessments and building detection logic for AWS and Azure, with an emphasis on identity-based threats, misconfiguration-driven attack paths, and detection/alerting that works in cloud-native and third-party SIEM/XDR environments. The focus is on translating Purple Team gaps into concrete, deployable detection content and producing high-quality reports for technical and executive audiences.

Location: Australia - Remote, WA

Company

hirify.global is a cybersecurity company providing an AI-native platform to stop breaches.

What you will do

  • Run cloud security assessments across AWS and Azure, reviewing configurations, identity architectures, network exposure, and attack paths.
  • Design and build detection logic and alerting for cloud control plane activity, identity-based threats, and misconfiguration-driven exposure.
  • Automate assessment work by extracting and correlating data across large datasets and turning repeatable analysis into reusable outputs.
  • Partner with Red Team during Purple Team exercises to test detection/response and convert gaps into actionable recommendations.
  • Collaborate with delivery teams to turn assessment findings into detection content ready to deploy.
  • Lead client engagements end-to-end (scoping through delivery) and produce clear reports/presentations for technical and executive audiences.

Requirements

  • Strong practical experience with AWS and Azure, including identity, compute, networking, storage, serverless, and logging/monitoring.
  • Experience building detection content (queries, alerting logic) and reducing noise in cloud-native and third-party SIEM/XDR environments.
  • Ability to trace how misconfigurations chain into realistic attack paths and understand common cloud attack patterns (privilege escalation, lateral movement, persistence, data exfiltration).
  • Scripting ability in Python (or equivalent) and comfort working with large datasets and assessment automation.
  • Working knowledge of query languages such as KQL, SPL, or cloud-native query engines.
  • Strong written and verbal communication in English for presenting findings to both CISO-level and engineering audiences.

Nice to have

  • GCP experience.
  • Additional language proficiency, especially Mandarin, Japanese, Hindi, or Thai.
  • Cloud incident response experience (AWS, Azure, or M365).
  • Kubernetes/container security and/or CI/CD pipeline security and DevSecOps practices.
  • Detection engineering experience in traditional enterprise environments (on-prem AD, Windows endpoint telemetry, Wintel infrastructure).

Culture & Benefits

  • Competitive compensation and equity awards.
  • Comprehensive physical and mental wellness programs.
  • Competitive vacation and holidays, plus paid parental and adoption leaves.
  • Professional development opportunities for all employees.
  • Employee networks and volunteer opportunities; vibrant office culture with world-class amenities.

Hiring process

  • Interviews focused on technical depth in cloud security/detection engineering and communication with technical and executive stakeholders.
  • Assessment of hands-on experience building detections and translating Purple Team findings into deployable recommendations.
