jobs in Handshakes By DC Frontiers

Kerja Sepenuh Masa, Cloud Security Engineer di Handshakes By DC Frontiers Federal Territory - Maukerja

Cloud Security Engineer

Handshakes By DC Frontiers

Undisclosed

KL City, Federal Territory

Kongsi
Simpan

Lokasi Kerja

  • Kuala Lumpur Federal Territory Malaysia

Penerangan Kerja

Tanggungjawab

Handshakes by DC Frontiers is an award-winning DataTech company that leverages data to empower safe, informed business decisions.


We are currently looking for a Cloud Security Engineer to design, implement, and continuously improve our cloud security controls, identity architecture, and governance guardrails. This role is critical in maintaining a secure, compliant, and well-governed cloud environment.


Key Responsibilities


Identity and Access Management Architecture

  • Design and maintain role-based access control (RBAC) models and IAM policies that enforce least privilege principles across cloud and enterprise SaaS.
  • Ensure identity structures align with organizational roles, segregation of duties requirements, and compliance standards.


Cloud Guardrails and Policy Enforcement

  • Define, implement, and maintain cloud-native guardrails (e.g., service control policies, policy-as-code, security configurations) that prevent misconfiguration and enforce security baselines across environments.
  • Partner with Platform Engineering to ensure guardrails are embedded into infrastructure automation.


Security Posture Management

  • Oversee cloud security posture management tools and continuously assess compliance with defined baselines.
  • Identify configuration drift, security gaps, or policy violations and coordinate remediation with Reliability and Platform teams.


Access Governance and Reviews

  • Lead structured periodic access review processes to validate entitlement accuracy, privileged access assignments, and role appropriateness.
  • Ensure evidence is maintained for audit and compliance purposes.


Security Baseline Definition

  • Establish and maintain baseline security standards for infrastructure, operating systems, cloud services, and SaaS platforms.
  • Align baselines with industry best practices and organizational risk appetite.


Vulnerability Governance Oversight

  • Review vulnerability findings from scanning tools, prioritize remediation requirements based on risk severity, and ensure remediation timelines are adhered to by operational teams.


Third-Party Technical Risk Assessment

  • Conduct security assessments of vendors and third-party integrations from a technical controls perspective, identifying gaps and recommending mitigation strategies.


Security Reporting and Metrics

  • Prepare governance dashboards and risk posture reports for leadership, highlighting trends, control effectiveness, and remediation progress.


Required Skills & Experience

  • Bachelor’s Degree in Computer Science/ Information Technology or any related studies
  • Minimum 5 years of hands-on experience with AWS services and security tools
  • Deep understanding of least privilege principles and RBAC design
  • Experience implementing cloud security guardrails and policy-as-code
  • Familiarity with vulnerability management processes
  • Knowledge of security benchmarks (e.g., CIS frameworks)
  • Ability to translate risk into actionable technical controls


Nice-to-Have

  • Experience with cloud security posture management tools
  • Exposure to regulatory or audit environments (ISO 27001, 27017 etc.)
  • Familiarity with DevSecOps practices
  • Security certifications (e.g., AWS Security Specialty, CISSP, CCSP)


* Work Arrangement - 3 days work in office on hybrid working as per company policy.

Peringatan Penting

Jangan pernah kongsikan maklumat bank atau kad kredit anda semasa memohon pekerjaan. Elakkan membuat sebarang pembayaran atau mengisi survey yang tidak berkaitan. Jika ada yang mencurigakan, sila laporkan iklan pekerjaan ini segera.

Lebih Lanjut