jobs in Handshakes By DC Frontiers

全职 Cloud Security Engineer 工作, 薪水, Handshakes By DC Frontiers Federal Territory 公司招聘中 - Ricebowl

Cloud Security Engineer

Handshakes By DC Frontiers

Undisclosed

KL City, Federal Territory

分享
保存

工作地点

  • Kuala Lumpur Federal Territory Malaysia

职位描述

岗位职责

Handshakes by DC Frontiers is an award-winning DataTech company that leverages data to empower safe, informed business decisions.


We are currently looking for a Cloud Security Engineer to design, implement, and continuously improve our cloud security controls, identity architecture, and governance guardrails. This role is critical in maintaining a secure, compliant, and well-governed cloud environment.


Key Responsibilities


Identity and Access Management Architecture

  • Design and maintain role-based access control (RBAC) models and IAM policies that enforce least privilege principles across cloud and enterprise SaaS.
  • Ensure identity structures align with organizational roles, segregation of duties requirements, and compliance standards.


Cloud Guardrails and Policy Enforcement

  • Define, implement, and maintain cloud-native guardrails (e.g., service control policies, policy-as-code, security configurations) that prevent misconfiguration and enforce security baselines across environments.
  • Partner with Platform Engineering to ensure guardrails are embedded into infrastructure automation.


Security Posture Management

  • Oversee cloud security posture management tools and continuously assess compliance with defined baselines.
  • Identify configuration drift, security gaps, or policy violations and coordinate remediation with Reliability and Platform teams.


Access Governance and Reviews

  • Lead structured periodic access review processes to validate entitlement accuracy, privileged access assignments, and role appropriateness.
  • Ensure evidence is maintained for audit and compliance purposes.


Security Baseline Definition

  • Establish and maintain baseline security standards for infrastructure, operating systems, cloud services, and SaaS platforms.
  • Align baselines with industry best practices and organizational risk appetite.


Vulnerability Governance Oversight

  • Review vulnerability findings from scanning tools, prioritize remediation requirements based on risk severity, and ensure remediation timelines are adhered to by operational teams.


Third-Party Technical Risk Assessment

  • Conduct security assessments of vendors and third-party integrations from a technical controls perspective, identifying gaps and recommending mitigation strategies.


Security Reporting and Metrics

  • Prepare governance dashboards and risk posture reports for leadership, highlighting trends, control effectiveness, and remediation progress.


Required Skills & Experience

  • Bachelor’s Degree in Computer Science/ Information Technology or any related studies
  • Minimum 5 years of hands-on experience with AWS services and security tools
  • Deep understanding of least privilege principles and RBAC design
  • Experience implementing cloud security guardrails and policy-as-code
  • Familiarity with vulnerability management processes
  • Knowledge of security benchmarks (e.g., CIS frameworks)
  • Ability to translate risk into actionable technical controls


Nice-to-Have

  • Experience with cloud security posture management tools
  • Exposure to regulatory or audit environments (ISO 27001, 27017 etc.)
  • Familiarity with DevSecOps practices
  • Security certifications (e.g., AWS Security Specialty, CISSP, CCSP)


* Work Arrangement - 3 days work in office on hybrid working as per company policy.

重要安全守则

申请工作时,切勿提供您的银行或信用卡详细资料。不要转账或完成无关的在线调查问卷。如果您发现可疑内容,请举报此招聘广告。

了解更多