全职 Cloud Security Engineer 工作, 薪水, Weshine Federal Territory 公司招聘中 - Ricebowl

Salary Range: MYR 9.800 - 12.000 (Gross)

Work Mode: Onsite

Weshine is hiring for our client (Handshakes AI), based in Singapore, for a role based in Malaysia. Handshakes is an award-winning DataTech company. Enabling our clients to make safer, more informed decisions by delivering meaningful insights, harnessed from reliable data.

Security governance and cloud risk management are central to our technology strategy. Our Cloud Security function ensures strong control oversight, clear policy definition, and effective risk management across our cloud and SaaS environments.

We are looking for a Cloud Security Engineer II to design, implement, and continuously improve our cloud security controls, identity architecture, and governance guardrails. The role is critical in maintaining a secure, compliant, and well-governed cloud environment.

RESPONSIBILITIES

Identity and Access Management Architecture

• Design and maintain role-based access control (RBAC) models and IAM policies that enforce least privilege principles across cloud and enterprise SaaS.
• Ensure identity structures align with organizational roles, segregation of duties requirements, and compliance standards.

Cloud Guardrails and Policy Enforcement

• Define, implement, and maintain cloud-native guardrails (e.g., service control policies, policy-as-code, security configurations) that prevent misconfiguration and enforce security baselines across environments.
• Partner with Platform Engineering to ensure guardrails are embedded into infrastructure automation.

Security Posture Management

• Oversee cloud security posture management tools and continuously assess compliance with defined baselines.
• Identify configuration drift, security gaps, or policy violations and coordinate remediation with Reliability and Platform teams.

Access Governance and Reviews

• Lead structured periodic access review processes to validate entitlement accuracy, privileged access assignments, and role appropriateness.
• Ensure evidence is maintained for audit and compliance purposes.

Security Baseline Definition

• Establish and maintain baseline security standards for infrastructure, operating systems, cloud services, and SaaS platforms.
• Align baselines with industry best practices and organizational risk appetite.

Vulnerability Governance Oversight

• Review vulnerability findings from scanning tools, prioritize remediation requirements based on risk severity, and ensure remediation timelines are adhered to by operational teams.

Third-Party Technical Risk Assessment

• Conduct security assessments of vendors and third-party integrations from a technical controls perspective, identifying gaps and recommending mitigation strategies.

Security Reporting and Metrics

• Prepare governance dashboards and risk posture reports for leadership, highlighting trends, control effectiveness, and remediation progress.

REQUIREMENTS

• Strong hands-on experience with AWS services and security tools.
• Deep understanding of least privilege principles and RBAC design.
• Experience implementing cloud security guardrails and policy-as-code.
• Familiarity with vulnerability management processes.
• Knowledge of security benchmarks (e.g., CIS frameworks).
• Ability to translate risk into actionable technical controls.