ENCORA TECHNOLOGIES PTE. LTD. Hiring! Full Time Cloud Security Engineer in Islandwide (Singapore), Earn up to SGD 7,000 - Ricebowl

Job Tasks and Responsibilities

Conduct cloud security assessments, architecture reviews and risk assessments for GCC and public sector cloud environments on AWS and Azure

Design, implement and maintain secure cloud architecture, landing zones, guardrails and baseline configurations across AWS and Azure platforms

Harden cloud infrastructure, services, virtual machines, containers and platform components based on approved security standards and benchmarks

Develop scripts and Infrastructure as Code to automate cloud security hardening, monitoring, compliance checks and remediation activities

Implement and manage cloud identity and access management controls including least privilege, federation, privileged access, secrets and key management

Configure and maintain cloud security controls such as network segmentation, firewalls, WAF, DDoS protection, private connectivity and encryption

Maintain cloud security monitoring, logging and alerting capabilities, and support threat detection, investigation and incident response activities

Work with Cloud, DevOps and Application teams to integrate security controls into CI/CD pipelines and secure software delivery processes

Perform vulnerability assessments, configuration reviews and remediation tracking for workloads deployed on AWS and Azure

Conduct reviews to ensure compliance with security policies, public sector requirements, data residency controls and cloud governance standards

Work with Engineering and Operations teams to manage cloud security findings and drive closure through the defect life cycle

Improve cloud security processes, standards, playbooks and tools to enhance security posture and operational efficiency

Take on a secondary role as a DevSecOps Engineer

or

Cloud Platform Security Engineer

where required by project needs

Collaborate with cross-functional teams to enhance security across the cloud development and operations pipeline

EXPERIENCE AND SKILLS NEEDED

Min 4 years of experience in cloud security engineering, cloud security assessment, analysis and remediation

Experience in AWS and Azure, including GCC and public sector / regulated cloud environments, will be an added advantage

Experience in secure cloud architecture design, landing zones, account/subscription segregation and cloud governance will be an added advantage

Experience in agile development environment will be an added advantage

Experience with continuous integration and continuous delivery using GitLab, Azure DevOps, GitHub Actions, Jenkins or other similar tools will be an added advantage

Experience with Infrastructure as Code tools such as Terraform, CloudFormation, Bicep, ARM templates or equivalent will be an added advantage

Experience with AWS security services such as IAM, Organizations, Control Tower, KMS, CloudTrail, Config, GuardDuty, Security Hub, Inspector, WAF or equivalent will be an added advantage

Experience with Azure security services such as Microsoft Entra ID, Azure Policy, Key Vault, Defender for Cloud, Microsoft Sentinel, Azure Monitor, Azure Firewall or equivalent will be an added advantage

Experience with cloud security posture management (CSPM), cloud workload protection (CWPP), CNAPP tools such as Wiz, Prisma Cloud, Defender for Cloud, Lacework, Orca or equivalent will be an added advantage

Experience with container and Kubernetes security for AKS, EKS, image scanning, runtime protection and secrets management will be an added advantage

Experience with IAM, PAM, zero trust, encryption, PKI, SIEM/SOAR, incident response and cloud logging will be an added advantage

Experience with vulnerability management and cloud-native security testing tools, including SAST, DAST, SCA, secrets scanning or equivalent will be an added advantage

Experience with compliance and governance standards such as CIS Benchmarks, NIST, ISO 27001, SOC 2, PCI DSS and applicable GCC / public sector regulatory requirements will be an added advantage

Certified cloud and security professionals such as AWS Certified Security – Specialty, AWS Solutions Architect, Microsoft Certified: Azure Security Engineer Associate (AZ-500), Azure Solutions Architect, CCSP, CCSK, CISSP, CISM or equivalent will be an added advantage

Security testing-specific certifications such as CEH, OSCP, GPEN, GWAPT or equivalent will be an added advantage

Degree or Diploma in Computer Science, Computer or Electronics Engineering, Information Technology or related disciplines