Security Engineer

Описание вакансии

Please note that we will only be able to accept candidates who have the appropriate rights and documentation for employment in Malaysia.

Who We Are.

Axi is a leading global provider of margin and deliverable Foreign Exchange, Contracts for Difference (CFDs), and Financial Spread betting. Our business has evolved into a world-class, multifaceted brokerage with offices in six regions. With heavy investment in the latest trading technology, Axi seeks to offer the most comprehensive end-to-end trading experience available, servicing traders of all levels from beginners to institutional-level clients.

Let's talk about the cool stuff you will do at Axi!

You will play a key role in keeping Axi colleagues safe in the world of Cyber. With a key focus on engineering and automation, this role focuses on implementing strategic solutions to security problems, providing a secure environment for our customers and colleagues to operation in, without large operational overheads. Ranging from DevSecOps practices implementing security controls as code to policy-based controls across our network or identity environments.

Your EDGE Assignment/You Will

•    Operate as a core member of the Security team and act as a subject matter expert for Axi in partnership with Axi strategic partners.

•    Keep abreast of and play a hands on, investigative role in security incidents providing essential information to key control points.

•    Drive improvements in threat intelligence capabilities aligned to industry best practice.

•    Research security trends and emerging technologies, identify our business and technical requirements, perform technical evaluation and support deployment of multi-regional security solutions.

•    Review implementation of security controls and evaluate effectiveness, make recommendations for improvements, and execute against those recommendations.

•    Play a key role in projects through design, pilot, and deployment for new security solutions across multivendor cloud environments.

•    Take a leading role in specific projects aligned to key skillsets ensuring delivery to a high standard.

Are you the one?

• Strong hands-on experience securing Microsoft Azure environments
• Expertise in Microsoft Defender for Cloud (secure score, recommendations, workload protection)
• Secure configuration & hardening of Azure Storage, VMs, Key Vault, and Networking (NSG, private access)
• Solid understanding of the Azure shared responsibility model

Microsoft Defender Expertise

• Experience with Defender for Endpoint and Defender for Identity
• Alert triage, investigation, and tuning using KQL
• Practical incident response experience (containment, RCA)

DevSecOps / Azure DevOps

• Securing Azure DevOps CI/CD pipelines
• Managing service connections, managed identities, secrets, and variable groups
• Integrating security into pipelines (SAST, DAST, SCA, dependency scanning)
• Translating pentest findings into automated pipeline controls

Offensive Security (Must-Have)

• Hands-on web, API, and cloud security testing
• Strong knowledge of OWASP Top 10 & OWASP API Top 10
• Attacker mindset with ability to design preventive controls

Nice to Have

• Red/Purple team exposure, MITRE ATT&CK
• Scripting (PowerShell / Python)
• WAF & API security (Akamai, Azure Front Door, Cloudflare)
• ISO 27001 / SOC 2 support
• Security automation (Azure Logic Apps / Functions)

Axi's bag of delights

• Competitive and attractive compensation.
• Extensive learning opportunities, such as professional training & certifications and soft skills development.
• Health and life insurance for employees along with 2 dependents.
• Generous time off, including 20 days of annual leave per year (incremental leave up to 25 days) and paid sick leave.
• Team-building experiences and corporate parties.

Axi's interview journey

• Talent Acquisition Interview (45 minutes)
• Hiring Team Interview (45 minutes)
• Final Interview (30 minutes)

Please note that our organization works with recruitment agencies on a pre-approved basis only. A recruitment agency that wishes to submit candidate profiles or resumes for consideration must obtain prior written consent from our talent acquisition team. We do not accept unsolicited resumes from recruitment agencies, and we will not be responsible for any fees related to unsolicited resumes. Should we receive an unsolicited resume from a recruitment agency that does not have prior written consent, we will not be responsible for the payment of any fees related to the recruitment of the candidate represented in the unsolicited resume.

At Axi, we prioritize creating a workplace that upholds fairness and respect for all. We encourage every individual within our community to contribute towards a culture where everyone feels a sense of belonging and is treated with the dignity they deserve. We make all employment-related decisions—whether in hiring, compensation, training, performance reviews, or termination—based on merit and without bias, ensuring equal opportunities for everyone. We consciously work to identify and overcome any unconscious biases, with a commitment to fostering an inclusive environment where every employee and candidate feels genuinely welcomed and valued.