Responsibilities
- Develop and document security policies, procedures, and guidelines for cloud environments.
- Develop risk assessment and security frameworks to support a comprehensive and consistent risk assessment methodology suited to the environment.
- Conduct architecture reviews and threat modelling exercises for new and existing systems, identifying design-level risks and recommending mitigations
- Produce clear, actionable risk assessment reports with prioritised recommendations for risk treatment and mitigation, tailored to the risk appetite and regulatory expectations.
- Review and finetune detection rules, correlation logic, and security policies to improve alert fidelity, reduce false positives, and enhance the overall effectiveness of security controls
- Collaborate with Security Engineering team to continuously improve detection and response capabilities through regular reviews and feedback loops
Requirements
- Bachelor's Degree in Computer Science, Cybersecurity, Information Security, or a related field.
- Minimum 2 years of experience in cybersecurity, cloud security, security architecture, or cyber risk management.
- Strong knowledge of cloud security principles and platforms (AWS, Azure, and/or GCP).
- Experience developing security policies, standards, governance frameworks, and conducting cybersecurity risk assessments.
- Proven experience performing security architecture reviews, threat modelling, and identifying security risks with appropriate mitigation strategies.
- Familiarity with security frameworks and standards such as NIST, ISO 27001, CIS Controls, and MITRE ATT&CK.
- Experience with SIEM, security monitoring, detection engineering, and tuning detection rules to improve alert quality and reduce false positives.
- Strong stakeholder management, communication, and report-writing skills, with relevant certifications (e.g., CISSP, CCSP, CISM, or CRISC) being an advantage.
If you are interested in this role and would like to discuss the opportunity further please click apply now or email Chew Kai-Xinn at [Confidential Information] for more information.
Only shortlisted candidates will be responded to, therefore if you do not receive a reply within 14 days please accept this as notification that you have not been shortlisted.
Morgan McKinley Talent Solutions
Morgan McKinley Pte Ltd EA Licence No: 11C5502
EAP Registration No: R2196712
EAP Name: Chew Kai-Xinn
