Senior Cloud Security Operations Engineer

The Role

The Senior Cloud Security Operations Engineer is responsible for building, operating, and continuously improving the company's cloud security posture across its mission-critical financial infrastructure. This role focuses on threat detection & response, security compliance, and proactive risk mitigation within a multi-cloud environment (Primary: AWS, Secondary: GCP). You will serve as the security domain expert within the operations team, driving security automation, zero-trust architecture adoption, and ensuring adherence to financial regulatory frameworks such as MAS TRM and PCI-DSS.

• Cloud Security Architecture:
  Design, implement, and maintain a robust cloud security architecture across AWS (primary) and GCP (secondary), encompassing network security, identity security, data protection, and workload security layers.
• Security Operations Center (SOC) Enablement:
  Build and operate the cloud-centric SOC capability, including SIEM integration (AWS Security Hub, Splunk, or ELK), security event correlation, threat intelligence feeds, and 24/7 security monitoring workflows.
• Threat Detection & Incident Response:
  Lead the detection, investigation, containment, and remediation of cloud security incidents (unauthorized access, data exfiltration, malware, DDoS); develop and maintain incident response playbooks and conduct regular tabletop exercises.
• Identity & Access Management (IAM):
  Design and enforce IAM policies, least-privilege access models, role-based access control (RBAC), multi-factor authentication (MFA), and privileged access management (PAM) across all cloud accounts and services.
• Vulnerability Management:
  Establish and operate a continuous vulnerability management program, including regular vulnerability scanning (AWS Inspector, Qualys, Nessus), penetration testing coordination, patch management, and remediation tracking.
• Compliance & Audit:
  Ensure cloud infrastructure meets financial regulatory and industry compliance standards (MAS TRM, PCI-DSS, SOC 2, ISO 27001); lead internal/external audit preparation, evidence collection, and remediation of audit findings.
• Network Security:
  Manage and optimize cloud network security controls, including VPC security design, Security Groups, NACLs, WAF (AWS WAF / Cloud Front), DDoS protection (AWS Shield), VPN/Direct Connect security, and micro-segmentation strategies.
• Data Security & Encryption:
  Implement and manage data protection mechanisms, including encryption at rest and in transit (AWS KMS, ACM, TLS), data classification, data loss prevention (DLP), and secrets management (AWS Secrets Manager, Hashi Corp Vault).
• Security Automation & Tooling:
  Design and develop security automation tools and scripts (using Python, Golang, or Shell) for automated compliance checks, security baseline enforcement, auto-remediation of misconfigurations, and security event enrichment.
• Container & Kubernetes Security:
  Implement security best practices for containerized workloads and Kubernetes (EKS) environments, including image scanning, runtime protection, network policies, pod security standards, and service mesh security.
• Security Governance &
  
  Risk Management:
  
  Conduct regular cloud security risk assessments, maintain the risk register, define security KPIs/KRIs, and report security posture to management.
• Documentation & Training:
  Maintain up-to-date security policies, standards, runbooks, and architecture documentation; conduct security awareness training and knowledge sharing sessions for the broader technology team.

• Education:
  
  Bachelor's degree in Computer Science, Cybersecurity, Information Security, or a related technical field.
• Experience:
  
  3–5 years of solid experience in Cloud Security, Security Operations, or Information Security roles, with at least 2 years focused on cloud security in production environments.
• AWS Security Proficiency:
  Expert knowledge of the AWS security ecosystem, including IAM, Security Hub, Guard Duty, Cloud Trail, Config, Inspector, WAF, Shield, KMS, Secrets Manager, Macie, and Organizations/SCPs.
• Security Operations:
  Hands-on experience with SIEM platforms (Splunk, ELK, or AWS Security Hub), SOAR tools, threat intelligence platforms, and security incident response processes.
• Network Security:
  Strong foundation in network security principles, including firewall management, IDS/IPS, VPN, DDoS mitigation, zero-trust networking, and the ability to analyze network traffic and diagnose complex security events.
• Compliance Frameworks:
  Practical experience with financial regulatory and industry compliance frameworks, including MAS TRM Guidelines, PCI-DSS, SOC 2, ISO 27001, or NIST CSF.
• Programming & Scripting:
  Proficient in Python and Shell scripting for security automation; familiarity with Golang is a plus.
• Infrastructure as Code & Policy as Code:
  Experience with Terraform, Cloud Formation, and policy-as-code tools (OPA/Rego, AWS Config Rules, or Sentinel) for security baseline enforcement.
• Container Security:
  Practical experience with…