Cloud Security Manager

Role Mission: The Cloud Security Manager is responsible for leading and managing the security posture of the organization’s cloud environments. This role oversees cloud security architecture, governance, compliance, incident response, and cloud security operations to ensure secure design, implementation, and ongoing management of cloud workloads. The manager will work closely with cloud engineering, DevOps, cybersecurity, infrastructure, and application teams to embed security-by-design across all cloud deployments.

• Cloud Security Governance & Policy

  Establish, maintain, and enforce cloud security policies, standards, and governance frameworks to ensure secure cloud adoption across the organization.

• Secure Cloud Architecture & Design Assurance

  Review and approve cloud solution designs, ensuring secure-by-design principles, threat modeling, and compliance with best practices and reference architectures.

• Identity & Access Management (IAM) Control

  Own and govern cloud IAM strategy, enforcing least privilege, strong authentication, privileged access control, and periodic access reviews.

• Cloud Security Operations & Monitoring

  Oversee continuous monitoring of cloud environments, ensuring timely detection and remediation of misconfigurations, vulnerabilities, and security threats.

• Compliance, Audit & Risk Management

  Ensure cloud environments meet regulatory, legal, and internal compliance requirements; manage risk assessments, audits, and cloud security reporting.

• Incident Response & Forensics

  Lead cloud security incident response, including investigation, containment, recovery, and root cause analysis for cloud-related security events.

• Leadership, Stakeholder Engagement & Continuous Improvement

  Provide cloud security expertise to stakeholders, lead security teams, manage security tools/vendors, and drive cloud security capability enhancements.

• Cloud Security Governance & Strategy

  Develop and maintain AWS cloud security policies, standards, and frameworks; lead security strategy aligned with business and regulatory requirements; enforce AWS Well‑Architected, CIS, and Zero Trust principles.

• Cloud Security Architecture & Engineering

  Design, review, and approve secure AWS architectures; guide secure cloud‑native implementations; govern IAM (RBAC, least privilege, automated remediation); oversee network security controls including WAF, Shield, and service mesh.

• Cloud Security Operations, Monitoring & Incident Response

  Manage continuous monitoring with AWS‑native tools and SIEM; oversee vulnerability management and misconfiguration remediation; lead incident response including detection, investigation, containment, and recovery; automate security guardrails and remediation workflows.

• Compliance, Risk Management & Audit Assurance

  Ensure compliance with regulatory and internal requirements (SOC 2, GDPR, MAS TRM, PDPA); conduct cloud risk assessments and threat modeling; coordinate penetration testing; prepare documentation and evidence for audits.

• Data Protection & Cloud Security Controls

  Ensure effective protection of sensitive data through encryption, access governance, classification, and DLP controls; manage cloud data exposure risks and ensure secure storage and handling of information across AWS services.

• Leadership, Collaboration & Security Culture

  Serve as AWS cloud security SME; collaborate with Cloud, DevOps, Network, and Cybersecurity teams to embed security‑by‑design; mentor teams and promote a strong security culture through training and stakeholder engagement.

• Reports to the Head of Cybersecurity: The candidate will work closely with the Head of Cybersecurity to design, implement, support, and maintain cybersecurity systems that safeguard the organization’s digital assets. This includes contributing to architecture design, operational readiness, system optimization, and ensuring alignment with security policies and operational objectives.
• Vendor & Service Provider Management: The candidate will lead, manage, and coordinate external vendors responsible for supporting cybersecurity systems. This includes ensuring vendors meet contractual obligations, service levels, operational standards, and deliver quality support for security tools, platforms, and related infrastructure.
• Cross‑Functional Collaboration: The role will collaborate with internal stakeholders such as IT Infrastructure, Network Engineering, SOC Analysts, Incident Response Teams, Governance/Risk/Compliance (GRC), and Application Teams to ensure the effective operation, integration, and continuous improvement of cybersecurity systems.
• Business & Operational Stakeholders: The candidate will engage with business units to understand operational requirements, communicate potential risks, and ensure security systems support business continuity, performance, and compliance needs.