Talent.com
Tawaran kerja ini tidak tersedia di negara anda.
Security Engineer

Security Engineer

OneConnect Financial TechnologyKuala Lumpur, Malaysia
1 hari lalu
Penerangan pekerjaan

Responsibilities

Design, implement, and maintain secure AWS network architectures (VPC, subnets, Transit Gateway, routing, NACLs, Security Groups). Define traffic flows for north-south and east-west traffic to enforce least privilege and segmentation. Implement WAF, ALB / NLB security rules, and private connectivity (Direct Connect, VPN, VPC Peering). Vulnerability & Patch Management Own the vulnerability management lifecycle : scanning, prioritization, remediation, and reporting. Work with application and infrastructure teams to close gaps across servers, middleware, databases, and containers. Track and report on compliance with patch SLAs, EOL software upgrades, and hardening standards. Cloud Security Operations Configure and monitor AWS-native security services (GuardDuty, Inspector, Security Hub, Macie, CloudTrail). Build detection and response playbooks for incidents involving AWS workloads. Support continuous improvement of logging, monitoring, and alerting. Compliance & Governance Map AWS security controls to frameworks such as MAS TRM, OSPAR 2.0, ISO 27001, PCI DSS, NIST CSF, CIS Benchmarks. Prepare audit evidence and support regulatory / security assessments. Contribute to security standards, runbooks, and technical documentation. DevSecOps & Automation Embed security in CI / CD pipelines with IaC templates (CloudFormation, Terraform). Automate remediation for common findings and misconfigurations. Requirements

3–5 years of experience in AWS cloud security engineering / architecture. Network design and traffic flow control (VPC, Transit Gateway, NACLs, Security Groups). Vulnerability management and patch lifecycle (AWS Inspector, Tenable, or equivalent). AWS security services (GuardDuty, WAF, KMS, IAM, CloudTrail). Understanding of encryption, key management, and IAM policies. Experience with regulatory / security frameworks (ISO 27001, NIST, MAS TRM, OSPAR, CIS). Scripting / automation ability (Python, Bash, PowerShell). Seniority level

Mid-Senior level Employment type

Full-time Job function

Information Technology

#J-18808-Ljbffr

Buat amaran kerja untuk carian ini

Security Engineer • Kuala Lumpur, Malaysia