Job Description

We are seeking a highly skilled and motivated risk-oriented Cloud Security person to join our team. The ideal candidate will have a strong background in cloud security, risk assessment, and compliance, with a focus on identifying and mitigating security risks associated with our cloud-based services and infrastructure.

This role requires expertise in cloud platforms, security best practices, and the ability to work collaboratively with cross-functional teams to safeguard our cloud environment.

Job Requirement:

• Cloud Security Architecture: Design and maintain a secure cloud architecture, including access controls, network security, and encryption mechanisms. Ensure adherence to industry best practices and compliance standards.
• Designing and implementing security controls: Design and implement security controls to protect cloud-based systems from cyber threats and work with other IT teams to identify potential vulnerabilities and develop strategies to mitigate them.
• Risk Assessment: Conduct comprehensive risk assessments of our cloud environment, including infrastructure, applications, and data repositories. Identify potential security vulnerabilities and threats.
• Risk Mitigation: Develop and implement risk mitigation strategies to address identified vulnerabilities and threats. Collaborate with cross-functional teams to remediate security issues.
• Compliance: Ensure cloud security compliance with relevant regulations, standards (e.g., ISO 27001, NIST, CIS), and internal policies. Conduct regular compliance checks and assessments.
• Integrating security into the DevOps process: Integrates security into the DevOps process by working with developers to ensure that security is built into the software development lifecycle. Incorporate testing technologies such as static code analysis, dynamic code analysis, and penetration testing into DevOps process to identify potential vulnerabilities and develop strategies to mitigate them.
• Automating security testing: Automate security testing to ensure that security is integrated into the continuous integration and continuous deployment (CI/CD) pipeline. Manage solutions like Azure Security Center, Azure Sentinel, and Azure Defender to automate security testing and provide real-time threat intelligence.
• Security Audits and Reviews: Participate in security audits and reviews of cloud infrastructure and services. Address audit findings and recommendations.
• Security Monitoring: Manage security monitoring tools and systems to detect and respond to security incidents in real-time. Develop incident response plans and lead incident response efforts when necessary.
• Security Documentation: Maintain comprehensive documentation of security policies, procedures, and configurations. Keep documentation up-to-date and accessible to relevant stakeholders.
• Collaboration: Collaborate with cross-functional teams, including DevOps, IT, and development teams, to integrate security into the software development lifecycle (SDLC) and cloud deployment processes.
• Incident Response: Participate in incident response activities, including root cause analysis, post-incident reports, and continuous improvement of security measures.
• Security Awareness: Promote security awareness and best practices among team members and end-users. Provide training and resources to enhance security awareness.

\xe2\xa0\x80

Qualifications:

• Bachelor\'s degree in computer science, information security, or a related field.
• At least 6 years of proven experience in cloud security, including expertise in Microsoft Azure Cloud Platform.
• Prefer Certified Information Systems Security Professional (CISSP), Certified Cloud Security Professional (CCSP), Azure Solutions Architect Expert, Microsoft Cybersecurity Architect Expert Security or other relevant.
• Strong knowledge of security frameworks, standards, and regulations (e.g., ISO27017, NIST, CIS, GDPR, HIPAA).
• Experience with security tools and technologies such as SIEM, IDS/IPS, firewalls, and endpoint security.
• Knowledge of threat modeling, risk assessment methodologies, and security risk management.
• Excellent problem-solving and analytical skills.
• Effective communication skills and the ability to collaborate with cross-functional teams.
• Strong attention to detail and a proactive approach to security.

Only shortlisted candidates will be contacted by KPMG Talent Acquisition team, personal data collected will be used for recruitment purposes only. At KPMG in Singapore we are committed to creating a diverse and inclusive workplace. We believe that diversity of thought, background and experience strengthens relationships and delivers meaningful benefits to our people, our clients and communities. As an equal opportunity employer, all qualified applicants will receive consideration for employment regardless of age, race, gender identity or expression, colour, marital status, religion, sexual orientation, disability, or other non-merit factors. We celebrate the different talents that our people bring and support every staff member in their journey to achieve personal and professional growth. One of the ways we do this is through Take Charge: Flexi-work, our flexible working framework which enables agile and innovative teams to help deliver our business goals.

Only shortlisted candidates will be contacted by KPMG Talent Acquisition team, personal data collected will be used for recruitment purposes only.

At KPMG in Singapore we are committed to creating a diverse and inclusive workplace. We believe that diversity of thought, background and experience strengthens relationships and delivers meaningful benefits to our people, our clients and communities. As an equal opportunity employer, all qualified applicants will receive consideration for employment regardless of age, race, gender identity or expression, colour, marital status, religion, sexual orientation, disability, or other non-merit factors. We celebrate the different talents that our people bring and support every staff member in their journey to achieve personal and professional growth. One of the ways we do this is through Take Charge: Flexi-work, our flexible working framework which enables agile and innovative teams to help deliver our business goals.

KPMG