Our client, a pioneering force in the burgeoning financial technology sector, is currently looking for Cloud Security Engineer-IT Audit Specialist to join their growing IT Audit team in Kuala Lumpur. The Cloud Security Engineer - IT Audit Specialist role offers a unique opportunity for individuals with a robust cloud security background or cloud security engineering experience to pivot into a strategic IT audit position. This role requires a blend of technical proficiency in cloud security principles and the analytical rigor essential for evaluating and enhancing our IT control environment.
Responsibilities
Participate in the development and execution of IT audit plans, focusing on assessing the effectiveness of internal controls and risk management practices.
Conduct detailed reviews of IT systems, applications, and processes to identify control deficiencies, weaknesses, and areas for improvement.
Collaborate with cross-functional teams to remediate control gaps and enhance the overall security posture of our organization.
Document audit findings, recommendations, and action plans in clear, concise reports for senior management and regulatory authorities
Stay abreast of emerging trends, technologies, and regulatory requirements in cloud security and IT audit domains.
Proactively identify opportunities to enhance audit methodologies, tools, and processes to strengthen our third-line defense capabilities.
Drive awareness and adoption of security best practices and compliance standards across the organization through training, knowledge sharing, and collaboration initiatives.
Qualifications
Bachelor's degree in Computer Science, Information Systems, or a related field. Professional certifications such as CISSP, CISA, AWS Certified Security, or equivalent are highly desirable.
Minimum of 5 years of hands-on experience in cloud security or cloud security engineering roles, with a deep understanding of cloud platforms, architecture, and services.
Experience in designing, implementing and maintaining secure cloud environments leveraging platforms such as AWS, Azure or GCP
Conducted comprehensive risk assessments, security audits, and penetration tests to identify vulnerabilities and threats within the cloud infrastructure.
Strong knowledge of industry-standard security frameworks, compliance requirements, and regulatory standards (e.g., NIST, ISO 27001, SOC 2, PCI DSS).
Excellent analytical skills with the ability to assess complex technical environments, identify security risks, and evaluate control effectiveness.
Effective communication skills, with the ability to articulate technical concepts and audit findings to diverse audiences, including senior management and external stakeholders.
Proven ability to collaborate effectively in a dynamic, fast-paced environment, with a passion for learning and professional growth.
If you're a talented Cloud Security Engineer seeking a new challenge in the dynamic field of third-line defense IT audit, we want to hear from you.