Cloud Security Engineer

Cloud Security Engineer

Contract Duration: 1 years (12 Months)

Work Location: Toh Payoh, Singapore

Work Timing: Office Hours

Max Offered Salary:  9000 SGD

We are looking for a skilled Cloud Security Engineer with strong expertise in AWS and Azure cloud security, governance, and DevSecOps practices. The candidate will be responsible for designing, implementing, and maintaining secure cloud environments while ensuring compliance with security standards, governance frameworks, and operational best practices.

Key Responsibilities

• Conduct cloud security assessments, architecture reviews, and risk assessments for AWS and Azure environments.
• Design and implement secure cloud architectures, landing zones, guardrails, and baseline security configurations.
• Harden cloud infrastructure, virtual machines, containers, and platform services based on security standards and benchmarks.
• Develop Infrastructure as Code (IaC) scripts and automation for cloud security hardening, monitoring, compliance checks, and remediation.
• Implement and manage IAM controls including federation, privileged access, secrets management, and key management.
• Configure and maintain cloud security controls such as firewalls, WAF, DDoS protection, encryption, and network segmentation.
• Manage cloud monitoring, logging, alerting, threat detection, and incident response activities.
• Integrate security controls into CI/CD pipelines and secure software delivery processes.
• Perform vulnerability assessments, configuration reviews, remediation tracking, and compliance audits.
• Ensure adherence to governance standards, regulatory requirements, and public sector security policies.
• Collaborate with engineering, operations, DevOps, and application teams to improve overall cloud security posture.
• Develop and enhance cloud security processes, standards, playbooks, and operational procedures.
• Support DevSecOps and Cloud Platform Security activities based on project requirements.

Required Skills & Experience

• Minimum 4 years of experience in cloud security engineering, assessment, remediation, and governance.
• Hands-on experience with AWS and Azure cloud platforms.
• Strong knowledge of cloud security architecture, landing zones, governance, and account/subscription segregation.
• Experience with CI/CD and DevOps tools such as GitLab, Azure DevOps, GitHub Actions, Jenkins, or similar.
• Experience with Infrastructure as Code tools including Terraform, CloudFormation, Bicep, or ARM templates.
• Expertise in AWS security services such as IAM, Control Tower, KMS, CloudTrail, Config, GuardDuty, Security Hub, Inspector, and WAF.
• Expertise in Azure security services such as Microsoft Entra ID, Azure Policy, Key Vault, Microsoft Defender for Cloud, Sentinel, Azure Monitor, and Azure Firewall.
• Experience with CSPM, CWPP, and CNAPP tools such as Wiz, Prisma Cloud, or equivalent.
• Knowledge of container and Kubernetes security for AKS/EKS environments.
• Experience in IAM, PAM, Zero Trust, PKI, SIEM/SOAR, incident response, encryption, and cloud logging.
• Experience with cloud-native security testing tools including SAST, DAST, SCA, and secrets scanning.
• Familiarity with compliance and governance frameworks such as CIS Benchmarks, NIST, ISO 27001, SOC 2, PCI DSS, and public sector regulatory standards.

Preferred Qualifications

• Certifications such as AWS Certified Security – Specialty, AWS Solutions Architect, Microsoft Certified: Azure Security Engineer Associate, CEH, OSCP, GPEN, or GWAPT.
• Degree or Diploma in Computer Science, Information Technology, Engineering, or related disciplines.

Interested candidates can connect on +6586533349 (WhatsApp chat only)