Cloud Engineer
The Lead Engineer / Senior Lead Engineer is expected to apply extensive technical knowledge and hands-on skills in commercial cloud (AWS and Azure) to develop, deploy, and manage hybrid/multi-cloud security technologies and services aligned with business objectives, security, and compliance requirements.
Job Responsibilities:
- Design, develop, and operate cloud security technologies, solutions, and services in HCC AWS and Azure in accordance with the relevant Healthcare cloud security policies and standards, cloud architecture standards and guidelines.
- Experienced in operating cloud security technologies / services provided natively in AWS such as Security Hub, Inspector, GuardDuty, CloudWatch, AWS Config, Control Tower, various AWS Policies, Security Group, NACL, Detective, Systems Manager, Trusted Advisor, and in Azure such as Defender for Cloud, various Defender Plans, Log Analytics Workspace, Azure Policy, Network Security Group, Key Vault, Sentinel.
- Experienced in managing ICT security risk, operations, and incidents to achieve system confidentiality, integrity, and availability.
- Provide technical advisory on cloud security solutions, design, architecture, or other cloud security related technologies / services.
- Experienced with AWS and Azure Well-Architected Framework implementation, review, assessment, remediation plan (minimally security pillar).
- Secure and maintain up-to-date baseline compute services such as VM images with the latest anti-malware definitions and latest patches.
- Develop mechanisms to promptly detect baseline drift from the established hardening standards, policies, and other compliance requirements and industry best practices.
- Actively monitor security score in AWS and Azure, review number of non-compliances / findings, come up with remediation plan, and perform remediation together with other team members.
- Promptly validate, mitigate, and remediate all vulnerabilities identified in HCC AWS and Azure in accordance with the timeframe stipulated inside Healthcare Policy.
- Develop the ability to promptly detect, monitor and respond to malware alerts, unauthorized changes / suspicious / malicious activities within AWS and Azure.
- Develop, maintain, and improve incident management and response process and distill lessons learnt to prevent recurrence of similar cybersecurity incidents.
- Lead in troubleshooting security related issues / incidents for the projects hosted in AWS or Azure.
- Able to perform in-depth troubleshooting and tracing of traffic / activities across various cloud services within commercial cloud environment (AWS and Azure) to identify root cause of the issues / incidents.
- Work together with the operations team to respond to and investigate alerts highlighted by SOC.
- Develop central oversight to enhance ability to identify, protect, detect, respond, and recover from cybersecurity incidents.
- Ensure logs on all resources / services are enabled, sent to centralized log repositories, and monitored by SOC.
- Perform regular access control review to identify unused accounts, excessive privileges, etc. in accordance with the policy requirements to mitigate against the risk of unauthorized access. Establish a process to promptly revoke credentials such as API keys, access tokens and passwords, in the event of a security incident.
- Review and tighten inbound and outbound security groups and NACL rules for HCC and provide advice to clusters / project team as required.
- Develop, maintain, review, and improve HCC risk management process including keeping track of HCC risk registers and review their validity and possible mitigation actions.
- Perform risk assessment, identify risk scenarios, assess the consequent risks, assign risk ratings, determine the controls to mitigate the risks and assess the effectiveness of the controls implemented.
- Stay up to date on emerging threats and vulnerabilities as well as new cloud technologies or offerings and propose improvements into existing architecture framework or operations accordingly.
- Develop and maintain internal and external documentation such as security SOPs, handbooks, KBs, user guides / playbooks.
Requirements / Qualifications
- Bachelor’s degree (or higher) in Computer Science/Information Technology or relevant discipline.
- Minimum 6 years of hands-on experience with strong technical knowledge in 2 or more of the following areas in AWS and Azure. Those with more experience will be considered for the senior lead engineer role.
- Networking and perimeter protection: Firewall, NAT, Internet Gateway, WAF, NIDPS, DDoS protection, Proxy, secure DNS, transit gateway, peering, load balancer, VPC/VNet, AZ, IP address management.
- Workload management & operation: backup & recovery, endpoint protection, vulnerability management, patch management, key management, cert management, secret management, logs and alerts management, virtualization, storage, and databases.
- Identity & access control, directory services, account & access management
- Policy management, Governance, compliance, and data privacy
- Hold at least 1 advanced cloud-based security certification such as Certified AWS Security Specialty, Azure Solutions Architect Expert certification. Having other cybersecurity certifications such as CISM, CISSP, CEH, TOGAF, or SANS certificates would be a plus.
- Strong understanding of cloud security and experience designing and implementing defense strategies on commercial cloud (AWS and Azure).
- Strong knowledge and experience in AWS and Azure Well-Architected Framework, best practices, and Application Infrastructure Architecture Standard (AIAS). Specific experience in government / healthcare sector is a plus.
- Familiar with NIST Cybersecurity Framework and able to apply it to commercial cloud environments (AWS and Azure).
- Familiar with ITIL practices such as change management, configuration management, service management, incident management, problem management.
- Familiarity with cloud technologies such as CSPM, CWPP, CNAPP, DSPM, CMP, CIEM and other security solutions such as DLP, EDR, DAM.
- Familiarity with compute security, container security, and cloud storage security.
- Experience in performing risk assessment and vulnerability analysis of the cloud infrastructure.
- Strong initiative, good team player, enjoys taking ownership of issues, process driven, great attention to detail, and possesses the ability to establish and maintain effective working relationships within and across the organization.
- Excellent verbal and spoken English skills with ability to influence others to move towards consensus.
- Excellent communication, leadership, and collaboration skills.
- Analytical mindset with excellent problem-solving abilities.
- Effective time management and organizational skills
EA Licence No: 11C5502 | EAP Registration No: R22109400