Cloud Security Specialist

Position: Cloud Security Specialist

Tenure: Permanent

Salary: RM 7000 - RM 11,000

Location: Bangsar

Responsibilities:

• Design and implement secure cloud architectures in AWS, Azure, or Alibaba Cloud.
• Implement and enforce strong Identity and Access Management (IAM) controls, including least privilege, RBAC, MFA, and privileged access monitoring.
• Identify and remediate cloud infrastructure vulnerabilities and misconfigurations using CSPM and other tools.
• Configure and manage network security controls, including cloud firewalls, Web Application Firewalls (WAF), and DDoS mitigation services (e.g., AWS Shield, AWS WAF, AWS Network Firewall) to protect applications from external threats.
• Deploy and manage Data Loss Prevention (DLP) tools and policies to prevent unauthorized data exposure.
• Configure and maintain Key Management Systems (KMS) for secure cryptographic key storage and usage.
• Implement and manage encryption protocols for data at rest and in transit using industry standards (e.g., TLS, AES).
• Perform operating system (OS) hardening (CIS Benchmark) and ensure timely patch management across cloud-based systems to reduce vulnerability exposure.
• Define and enforce security policies, standards, and best practices across cloud environments (e.g., PCI-DSS, RMiT, ISO 27001).
• Oversee API security management, including secure design and governance of APIs, Authentication and authorization (e.g., OAuth2, API keys, JWT), rate limiting, input validation, and anomaly detection.
• Develop and enforce cloud policies to maintain consistent and secure cloud configurations (e.g., AWS SCP, Azure Policy).
• Manage and analyse security-relevant logs from various sources, including (AWS CloudTrail, Azure Activity Logs, Alibaba ActionTrail).·
• Respond to cloud-related security incidents, collaborate with SOC/IR teams, and lead forensic investigations where needed. ·
• Staying up-to-date with emerging cloud security trends, technologies, and threats, and making recommendations to improve the organization's security posture

JOB REQUIREMENTS:

• Bachelor's degree in computer science, information technology, or a related field. Degree in IT Security related field is preferred.
• Minimum of 2-5 years of experience in cloud security or related fields, such as cybersecurity or information security with a focus on cloud environments.
• Experience with cloud security technologies and tools, such as identity and access management (IAM), encryption, firewalls, and intrusion detection systems (IDS), WAF, DDoS protection etc.
• Experience in managing a secure Cloud Landing Zone (e.g., using AWS Control Tower, Azure Blueprints) to establish a scalable, secure foundation for cloud environments.
• In-depth understanding of cloud security best practices and regulatory compliance frameworks.
• Experience in managing cloud security incidents, including conducting forensic analysis and incident response in cloud-based environments.
• Experience with container security (Docker, Kubernetes).
• Strong understanding of disaster recovery and business continuity planning within cloud environments.
• Relevant cloud certifications (e.g., AWS Certified Security Specialty, Azure Security Engineer Associate, Alibaba Cloud Security Engineer are preferable.
• Strong knowledge of API security protocols and communication methods, including RESTful APIs, OAuth2, JWT, WebSockets, and GraphQL, as well as experience in securing and optimizing API communication for high-performance environments.
• Relevant cloud certifications (e.g., AWS Certified Security Specialty, Azure Security Engineer Associate, Alibaba Cloud Security Engineer are preferable.

Job Type: Permanent

Pay: RM7,000.00 - RM11,000.00 per month

Application Question(s):

• How long is your notice period?
• What is your expected salary?

Education:

• Bachelor's (Preferred)

Experience:

• Cloud security: 2 years (Preferred)
• Encryption, firewalls, intrusion detection systems: 2 years (Preferred)
• Managing cloud landing zone: 2 years (Preferred)
• API security, RESTful APIs, OAuth2, JWT,: 2 years (Preferred)
• WebSockets, GraphQL: 2 years (Preferred)

License/Certification:

• cloud cert (e.g., AWS Certified Security Specialty) (Preferred)

Work Location: In person