- Define and maintain enterprise cloud security architecture, standards, and security patterns across public cloud environments (AWS, Azure, and/or GCP).
- Develop cloud security roadmaps aligned with business objectives, regulatory requirements, and industry best practices.
- Provide security architecture guidance for cloud-native applications, microservices, APIs, containers, and serverless technologies.
- Lead security design reviews, threat modelling exercises, and security assessments for new technology initiatives and cloud migrations.
- Lead the implementation and continuous enhancement of cloud security controls, including identity security, network security, encryption, secrets management, and workload protection.
- Establish secure cloud landing zones and security guardrails.
- Develop scalable security engineering capabilities through automation and Infrastructure-as-Code (IaC).
- Embed security controls within CI/CD pipelines and software development processes.
- Drive adoption of DevSecOps practices including SAST, DAST, SCA, container security, secrets management, and policy-as-code.
- Collaborate with engineering teams to improve secure coding practices and reduce security vulnerabilities.
- Champion security automation and orchestration initiatives to improve operational efficiency.
- Ensure cloud platforms comply with regulatory requirements, internal policies, and industry standards.
- Support audits, security assessments, and regulatory reviews.
- Provide security oversight for AI/ML platforms, data engineering pipelines, and GenAI initiatives.
- Design security controls for AI workloads, model governance, data protection, and AI risk management.
- Lead and mentor a team of cloud security architects and security engineers.
- Collaborate with senior technology leaders to align security initiatives with business and technology objectives.
Requirements:
- Bachelor's degree in Computer Science, Information Security, Engineering, or a related discipline.
- 12+ years of experience in Cyber Security, Security Engineering, Infrastructure Security, or Security Architecture.
- Minimum 5 years of experience designing and securing large-scale cloud environments (AWS, Azure, and/or GCP).
- Proven experience leading Cloud Security, Security Engineering, DevSecOps, or Platform Security teams.
- Strong experience within Financial Services, Banking, Insurance, FinTech, or other highly regulated industries.
- Deep understanding of Cloud Security Architecture and Engineering principles.
- Hands-on experience with AWS, Azure, and cloud-native security services.
- Strong knowledge of Kubernetes, containers, microservices, serverless technologies, and API security.
- Familiarity with cloud security technologies such as CSPM, CWPP, CNAPP, SIEM, SOAR, EDR, and vulnerability management platforms.
- Experience conducting threat modelling, security architecture reviews, and cloud security risk assessments.
- Proven ability to lead, mentor, and develop high-performing security engineering teams.
- Strong stakeholder management skills with the ability to influence senior technology and business leaders.
If you are interested in this opportunity and believe your experience aligns with the requirements above, please submit your updated resume to .
Only shortlisted candidates will be contacted. All applications will be treated with strict confidentiality.
Pam Lim
Morgan Mckinley Pte Ltd
EA Licence No: 11C5502 | EAP Registration No: R1106192
