Cloud Security Engineer

About CGSI

CGS International Securities Pte. Ltd. (CGS International) is an award-winning and market leading integrated financial services provider, ranked among the top securities houses in Asia.

CGS International taps on our wealth of global and ASEAN insights to offer equities trading, leveraged products, wealth management, investment banking, equities research, Shariah-compliant financing, fixed income, currency and commodities, structured products, and prime brokerage services in over 15 countries and regions.

Along with its parent organization China Galaxy Securities, a leading securities house in China, CGS International is trusted by more than 15 million customers globally.

Job Responsibilities

AWS Cloud Security Implementation

1. Design and implement security controls, policies, and procedures for AWS cloud environments.
2. Deploy and manage cloud security tools such as CNAPP, GuardDuty, CloudTrail, Security Hub, and Inspector.
3. - Ensure proper Identity and Access Management (IAM), including roles, permissions, and policies.

Monitoring and Incident Response

1. - Monitor AWS environments for security breaches, vulnerabilities, and threats.
2. - Develop and manage incident response plans and playbooks for cloud-based services.
3. - Work with cross-functional teams to investigate and remediate security incidents and vulnerabilities in the AWS cloud.

Compliance and Governance

1. Ensure compliance with standards and frameworks such as ISO 27001, NIST CSF and MAS TRM.
2. Conduct regular audits and security assessments of AWS environments.
3. Implement tools and processes for continuous compliance and governance.

Collaboration and Training

1. Work closely with DevOps and Technology teams to integrate security best practices into CI/CD pipelines.
2. Provide guidance and training on AWS security to internal teams.
3. Stay updated on AWS security features, tools, and best practices.

Automation and Optimization

1. Automate security operations using tools such as AWS Lambda, CloudFormation, and Terraform.
2. Optimize cost and performance of security tools and measures in AWS.

Requirements

• 3+ years of experience in cloud security with a focus on AWS
• Bachelor’s degree in Computer Science, Information Security, or related field (or equivalent experience).
• AWS certifications (e.g., AWS Certified Security – Specialty, AWS Solutions Architect).
• Cybersecurity certifications (e.g., CISSP, CISM, CCSP, CCSK).
• Spoken proficiency in English and Chinese.
• Deep understanding of AWS security services (e.g., IAM, VPC, KMS, CloudTrail, Config, Shield).
• Experience with security frameworks and compliance standards (e.g., NIST, ISO, CSA)
• Proficiency in scripting languages such as Python, Bash, or PowerShell.
• Strong knowledge of network security concepts (firewalls, VPNs, security groups, etc.).
• Familiarity with DevSecOps practices and CI/CD pipelines
• Experience with container and orchestration security (e.g., Docker, Kubernetes)
• Knowledge of SIEM tools and log management.
• Strong analytical and problem-solving skills.
• Effective communication and collaboration abilities.
• Proactive and detail-oriented mindset.
• Responsible and accountable.

Salary range: SGD 6000 - 8000