Back to Job Search

Job Description

Our client, a pioneering force in the burgeoning financial technology sector, is currently looking for Cloud Security Engineer-IT Audit Specialist to join their growing IT Audit team in Kuala Lumpur. The Cloud Security Engineer - IT Audit Specialist role offers a unique opportunity for individuals with a robust cloud security background or cloud security engineering experience to pivot into a strategic IT audit position. This role requires a blend of technical proficiency in cloud security principles and the analytical rigor essential for evaluating and enhancing our IT control environment.


  • Participate in the development and execution of IT audit plans, focusing on assessing the effectiveness of internal controls and risk management practices.

  • Conduct detailed reviews of IT systems, applications, and processes to identify control deficiencies, weaknesses, and areas for improvement.

  • Collaborate with cross-functional teams to remediate control gaps and enhance the overall security posture of our organization.

  • Document audit findings, recommendations, and action plans in clear, concise reports for senior management and regulatory authorities

  • Stay abreast of emerging trends, technologies, and regulatory requirements in cloud security and IT audit domains.

  • Proactively identify opportunities to enhance audit methodologies, tools, and processes to strengthen our third-line defense capabilities.

  • Drive awareness and adoption of security best practices and compliance standards across the organization through training, knowledge sharing, and collaboration initiatives.


  • Bachelor's degree in Computer Science, Information Systems, or a related field. Professional certifications such as CISSP, CISA, AWS Certified Security, or equivalent are highly desirable.

  • Minimum of 5 years of hands-on experience in cloud security or cloud security engineering roles, with a deep understanding of cloud platforms, architecture, and services.

  • Experience in designing, implementing and maintaining secure cloud environments leveraging platforms such as AWS, Azure or GCP

  • Conducted comprehensive risk assessments, security audits, and penetration tests to identify vulnerabilities and threats within the cloud infrastructure.

  • Strong knowledge of industry-standard security frameworks, compliance requirements, and regulatory standards (e.g., NIST, ISO 27001, SOC 2, PCI DSS).

  • Excellent analytical skills with the ability to assess complex technical environments, identify security risks, and evaluate control effectiveness.

  • Effective communication skills, with the ability to articulate technical concepts and audit findings to diverse audiences, including senior management and external stakeholders.

  • Proven ability to collaborate effectively in a dynamic, fast-paced environment, with a passion for learning and professional growth.

If you're a talented Cloud Security Engineer seeking a new challenge in the dynamic field of third-line defense IT audit, we want to hear from you.