Cloud Security Engineer

Job Description

As an IT specialist, you will be responsible for implementing and maintaining security controls at key IT systems and processes to secure the IT environment

Role

• Provide IT security advisory and support on IT security controls on security, architectural design, migration, management, and implementation
• Provide security implementation support on Azure / AWS
• Implement cloud-native security measures
• Improve traceability in public cloud environment
• Automate security best practices
• Maintain and ensure that cloud-based hardening baseline are implemented
• Maintain an inventory of container images and update approved container images, VM images, as deployed on cloud
• Improve reliability of cloud workloads:
• Automatically recover from failure where possible
• Test recovery procedures
• Scale horizontally to increase aggregate workload availability
• Capacity planning with appropriate telemetry
• Manage change through automation
• Ensure system recovery time and recovery point objectives are supported by cloud architecture, and remediate any gaps
• Ensure cloud setup meets data backup requirements of systems hosted on cloud, participate in data backup and restoration testing of cloud based systems
• Implement cloud security controls to strengthen corporate security posture with cloud-based solutions such as Azure Active Directory, Azure Information Protection, Data Loss Prevention, Information Rights Management, Intune (for Conditional Access/ MDM), single sign-on and multi-factor authentication
• Monitor and remediate risks events arising from public cloud workloads, e.g. risks events from Azure and Microsoft 365 security and compliance dashboards, AWS Security Advisor, etc
• Lead and participate in ongoing cloud security projects and strategy discussions
• Support IT security projects, e.g., Identity and Access Management, Data Loss Prevention (DLP), SIEM, Incident Management etc.
• Collaborate with various stakeholders to design and enhance IT service management processes, such as change management, incident management, problem management and asset management.

Qualifications

• 2-5 years of working experience on cloud security in AWS, Azure, and Microsoft 365
• Strong cross-domain IT expertise across IT security domains. Exposure to cloud security, network security, DevSecOps and IT operations would be valuable
• Ability to script, implement serverless architecture or implement DevSecOps principles in code would be advantageous
• Ownership mindset: openness to learn, find solutions, and lead initiatives to their completion
• Strong inter-personal and communication skills
• Team player and ability to work independently when the need arise
• Strong analytical skills and keen attention to details
• Industry and cloud certifications (e.g. AWS, Azure, M365 certifications) and understanding of relevant IT controls framework (e.g. CIS, AWS Well-Architected Framework) would be a bonus

If you are interested in this position, please click "Apply Now" and we will review your qualifications & reach out to you for further discussion & next steps.

Only shortlisted candidates will be responded to, therefore if you do not receive a response within 14 days please accept this as notification that you have not been shortlisted.

EA Licence No: 11C5502
Registration No: R1876903