Cloud Security Engineer (Kuala Lumpur, Malaysia)
Indexed description
Security governance and cloud risk management are central to our technology strategy. Our Cloud Security function ensures strong control oversight, clear policy definition, and effective risk management across our cloud and SaaS environments.
We are looking for a Cloud Security Engineer II to design, implement, and continuously improve our cloud security controls, identity architecture, and governance guardrails. The role is critical in maintaining a secure, compliant, and well-governed cloud environment.
Responsibilities
Identity and Access Management Architecture
- Design and maintain role-based access control (RBAC) models and IAM policies that enforce least privilege principles across cloud and enterprise SaaS.
- Ensure identity structures align with organizational roles, segregation of duties requirements, and compliance standards.
- Define, implement, and maintain cloud-native guardrails (e.g., service control policies, policy-as-code, security configurations) that prevent misconfiguration and enforce security baselines across environments.
- Partner with Platform Engineering to ensure guardrails are embedded into infrastructure automation.
- Oversee cloud security posture management tools and continuously assess compliance with defined baselines.
- Identify configuration drift, security gaps, or policy violations and coordinate remediation with Reliability and Platform teams.
- Lead structured periodic access review processes to validate entitlement accuracy, privileged access assignments, and role appropriateness.
- Ensure evidence is maintained for audit and compliance purposes.
- Establish and maintain baseline security standards for infrastructure, operating systems, cloud services, and SaaS platforms.
- Align baselines with industry best practices and organizational risk appetite.
- Review vulnerability findings from scanning tools, prioritize remediation requirements based on risk severity, and ensure remediation timelines are adhered to by operational teams.
- Conduct security assessments of vendors and third-party integrations from a technical controls perspective, identifying gaps and recommending mitigation strategies.
- Prepare governance dashboards and risk posture reports for leadership, highlighting trends, control effectiveness, and remediation progress.
- Strong hands-on experience with AWS services and security tools.
- Deep understanding of least privilege principles and RBAC design.
- Experience implementing cloud security guardrails and policy-as-code.
- Familiarity with vulnerability management processes.
- Knowledge of security benchmarks (e.g., CIS frameworks).
- Ability to translate risk into actionable technical controls.
Create a free Caio profile to unlock more results and save your role and location preferences.
Unlock free search