Job Description

Role

• Provide IT security advisory and support on IT security controls on security, architectural design, migration, management, and implementation
• Provide security implementation support on Azure / AWS
• Implement cloud-native security measures
• Improve traceability in public cloud environment
• Automate security best practices
• Maintain and ensure that cloud-based hardening baseline are implemented
• Maintain an inventory of container images and update approved container images, VM images, as deployed on cloud
• Improve reliability of cloud workloads:
• Automatically recover from failure where possible
• Test recovery procedures
• Scale horizontally to increase aggregate workload availability
• Capacity planning with appropriate telemetry
• Manage change through automation
• Ensure system recovery time and recovery point objectives are supported by cloud architecture, and remediate any gaps
• Ensure cloud setup meets data backup requirements of systems hosted on cloud, participate in data backup and restoration testing of cloud based systems
• Implement cloud security controls to strengthen corporate security posture with cloud-based solutions such as Azure Active Directory, Azure Information Protection, Data Loss Prevention, Information Rights Management, Intune (for Conditional Access/ MDM), single sign-on and multi-factor authentication
• Monitor and remediate risks events arising from public cloud workloads, e.g. risks events from Azure and Microsoft 365 security and compliance dashboards, AWS Security Advisor, etc
• Lead and participate in ongoing cloud security projects and strategy discussions
• Support IT security projects, e.g., Identity and Access Management, Data Loss Prevention (DLP), SIEM, Incident Management etc.
• Collaborate with various stakeholders to design and enhance IT service management processes, such as change management, incident management, problem management and asset management.

Qualifications

• 2-5 years of working experience on cloud security in AWS, Azure, and Microsoft 365
• Strong cross-domain IT expertise across IT security domains. Exposure to cloud security, network security, DevSecOps and IT operations would be valuable
• Ability to script, implement serverless architecture or implement DevSecOps principles in code would be advantageous
• Ownership mindset: openness to learn, find solutions, and lead initiatives to their completion
• Strong inter-personal and communication skills
• Team player and ability to work independently when the need arise
• Strong analytical skills and keen attention to details
• Industry and cloud certifications (e.g. AWS, Azure, M365 certifications) and understanding of relevant IT controls framework (e.g. CIS, AWS Well-Architected Framework) would be a bonus

If you are interested in this position, please click "Apply Now" and we will review your qualifications & reach out to you for further discussion & next steps.

Only shortlisted candidates will be responded to, therefore if you do not receive a response within 14 days please accept this as notification that you have not been shortlisted.

EA Licence No: 11C5502
Registration No: R1876903

eFinancialCareers