About the Role
- Define, maintain, assess and govern cloud security related framework, policies, processes for MSL.
- Configure, test, implement and maintain cloud security related infrastructure/tools deployed.
- Implement and maintain data classification and labeling (Purview Information Protection), govern auto-labeling policies and testing.
- Test, Implement and tune DLP to MSL/Singapore data categories to minimise false positives with stakeholder sign-off.
- Test and perform key and certificate governance and rotation operations
- Produce regulatory evidence (label adoption, DLP effectiveness, incident handling artefacts) and run user awareness for sensitive data handling.
- L2 technical and incident response for cloud related security incident / compromise, and coordinate with SOC/Sentinel.
Key Responsibilities
1. Cloud security tooling and platform control implementation
- Configure/test/maintain security tools (e.g., Purview, DLP, Defender for Cloud, Sentinel connectors, CASB features as applicable).
- Define runbooks, monitoring, alert tuning.
- Implement change management, rollback plans, and BAU maintenance.
2. Cloud security governance
- Maintain documentation (e.g. policies, procedures, etc.) on cloud security, Azure/M365/AWS.
- Run periodic control reviews and gap assessments on cloud security. Maintain traceability to regulatory and internal requirements.
- Management reporting
3. L2 engineering support and incident response
- L2 triage for cloud security incidents
- Investigate (logs, alerts, Purview/DLP events)
- Contain/remediate with SOC/Sentinel and platform teams;
- Control improvements
4. Implement data classification and labeling
- Implement sensitivity labels
- Configure auto-labeling policies
- Create test plans and UAT with business owners
- Manage label lifecycle (changes, deprecation, communications)
You are someone with:
- Bachelor's degree in Information Security, Computer Science, Engineering, Information Technology, or related field.
- Minimum of 5 years relevant experience in Microsoft Azure, AWS, cloud security, security and/or engineering.
- Microsoft certifications relevant to identity/security such as:
> SC-400 (Information Protection)
> SC-100 (Cybersecurity Architect)
> AZ-500 (Azure Security Engineer)
> CCSP or CISSP or CISM or CompTIA Security
- Relevant working experience in regulated environments (e.g. banking, FSIs) and/or audit/regulatory engagements is an advantage.
- Cloud security engineering in Azure / M365, secure configuration, monitoring and logging.
- Defender/Sentinel integrations (or equivalent SOC tooling)
- Hands-on with Microsoft Purview Information Protection, and DLP across relevant workloads.
- Scripting/automation for operations and evidence. E.g. PowerShell (strongly preferred).
- Ability to translate requirements into practical standards and enforceable baselines.
- Strong documentation discipline.
- Strong stakeholder management.
- Incident mindset on structured triage, root cause thinking, and continual control improvement.
