- Kuala Lumpur Federal Territory Malaysia
Kerja Sepenuh Masa, Cybersecurity Architect - Cloud di Fuku Federal Territory - Maukerja
Kongsi
Simpan
Lokasi Kerja
Penerangan Kerja
Tanggungjawab
Key Responsibilities
Qualifications & Requirements
Preferred Qualifications
- Provide overall technical direction for cybersecurity strategy and architecture across a hybrid on-premise and cloud landscape.
- Design and maintain the Group’s cloud security reference architecture for AWS and hybrid environments, including landing zones, network security, identity, data protection, and workload security.
- Define cloud security standards, guardrails, and policies aligned with frameworks such as NIST CSF, CIS Benchmarks, ISO 27001, and CSA Cloud Controls Matrix; ensure these are adopted across all cloud deployments.
- Architect identity and access management (IAM) solutions for hybrid environments, including Entra ID, conditional access, privileged identity management (PIM), and zero-trust architecture principles.
- Lead cloud security posture management (CSPM) strategy using tools such as Microsoft Defender for Cloud, AWS Security Hub, or third-party CSPM platforms; drive continuous compliance monitoring and remediation.
- Design secure network architectures for cloud environments, including micro-segmentation, WAF, DDoS protection, private endpoints, service endpoints, and hybrid connectivity security (ExpressRoute / Direct Connect / VPN).
- Provide security architecture guidance for SAP RISE / S/4HANA cloud migration, M365 tenant hardening, and cloud-native application development (containers, serverless, API security).
- Develop an AI agentic-first security review and vulnerability management pipeline to strengthen security posture while enabling automation.
- Define and operationalise cloud security monitoring, detection, and response capabilities, integrating cloud logs and alerts into the Group’s SIEM/SOAR platform.
- Collaborate with Infrastructure/Network Operations on secure cloud landing zone deployment, Infrastructure as Code (IaC) security (Terraform, ARM), and DevSecOps pipeline integration (SAST, DAST, SCA).
- Provide technical leadership on cloud data protection, including encryption at rest and in transit, key management (AWS KMS), DLP policies, and data classification enforcement.
- Stay current with emerging cloud threats, vulnerabilities, and attack techniques; advise leadership on evolving risk posture and recommend mitigation strategies.
Qualifications & Requirements
- Bachelor’s degree in Computer Science, Cybersecurity, Information Security, or a related field; Master’s degree is an advantage.
- Minimum 8–12 years of experience in cybersecurity, with at least 4 years focused on cloud security architecture across AWS or multi-cloud environments.
- Deep hands-on expertise in AWS security services.
- Strong knowledge of zero-trust architecture, identity-centric security models, PAM/PIM, and modern authentication protocols (OAuth 2.0, SAML, OpenID Connect).
- Practical experience with cloud-native security tooling, including CSPM, CWPP, CNAPP, CASB, and cloud DLP solutions.
- Familiarity with securing SAP cloud environments (SAP RISE, BTP) and M365 security & compliance features (Purview, Defender for Office 365).
- Strong understanding of IaC security (Terraform, CloudFormation), container security (Kubernetes, Docker), and DevSecOps practices.
Preferred Qualifications
- CISSP, CCSP, CCAK, or SABSA certification; AWS Certified Security – Specialty.
- Experience with regulatory compliance in multi-jurisdiction environments (PDPA, GDPR, SOX, industry-specific regulations).
- Background in securing OT/IT convergence environments or multi-industry conglomerates (manufacturing, plantations, FMCG, oil & gas).
- Experience with SIEM/SOAR platforms and threat intelligence integration.
Peringatan Penting
Jangan pernah kongsikan maklumat bank atau kad kredit anda semasa memohon pekerjaan. Elakkan membuat sebarang pembayaran atau mengisi survey yang tidak berkaitan. Jika ada yang mencurigakan, sila laporkan iklan pekerjaan ini segera.
Lebih Lanjut
