Cloud Security Engineer

Avensys is a reputed global IT professional services company headquartered in Singapore. Our service spectrum includes enterprise solution consulting, business intelligence, business process automation and managed services. Given our decade of success we have evolved to become one of the top trusted providers in Singapore and service a client base across banking and financial services, insurance, information technology, healthcare, retail, and supply chain.

We are currently looking to hire Cloud Security Engineer. This is an exciting opportunity to expand your skill set, achieve job satisfaction and work-life balance. More details as below.

This is a client facing / delivery role, working on cloud operations in the delivery team. You will execute daily cloud operations as well as cloud implementations in technical customer engagements including basic operations and administration, specific implementation projects and/or pilots in Cloud.

The ideal candidate will have experience in delivery roles and success in implementation discussions, hands-on experience with good client handling skills and good team player within the team. The candidate should also be able to provide solutions and technical expertise to fellow team members and in client accounts.

Apply technical knowledge, hands-on and customer insights to operate and administer a cloud infrastructure.

Ensure all configuration conforms to high levels of performance, security, scalability, maintainability, and appropriate reusability and reliability upon deployment, aligning to design documentation specifications

Ability to codify or implement/deploy configurations with the principles of automation by default in new projects with proper documentations

Collaborate with team members to engage clients in operational meetings, discussions, process betterment and contribute to optimisations for the client’s environment

Maintain technical skills, certifications and knowledge of market trends and competitive insights; collaborate and share with the technical community specifically in the cloud space

Ability to manage issues with proper resolution/documentation and SLAs is required for this role.

Audit, review, and implement IT security policies.

Database Activity Monitoring (DAM):

· Utilized DAM tools to monitor and track database activity, ensuring real-time detection of unauthorized access or suspicious activity.

· Configured policies and rules to detect SQL injection attacks, privilege escalation, and anomalous user behavior across various database platforms (e.g., Oracle, SQL Server, MySQL).

· Worked with DAM logs and alerts to perform investigations, helping to uncover potential data breaches and mitigate security risks.

· Conducted regular reviews of database access permissions, identifying and remediating privilege creep to ensure least-privilege access controls.

Continuous Threat Vulnerability Library (CTVL):

· Applied knowledge of CTVL to maintain an up-to-date, centralized repository of known vulnerabilities and threats, supporting proactive risk management.

· Integrated CTVL data into the organization’s vulnerability management program, enhancing the detection and prioritization of vulnerabilities in the network, applications, and infrastructure.

· Regularly assessed and updated threat intelligence feeds, ensuring security measures are aligned with the latest emerging threats.

· Worked cross-functionally with the security team to assess and patch high-priority vulnerabilities before they could be exploited.

Nexpose (Vulnerability Management Tool):

· Led the deployment and configuration of Nexposeto scan and assess vulnerabilities within the organization’s IT infrastructure, including servers, networks, and web applications.

· Performed regular vulnerability scans to identify potential security weaknesses, documented findings, and worked with IT teams to prioritize remediation based on risk level.

· Customized Nexpose scanning templates to align with specific regulatory compliance requirements (e.g., PCI-DSS, HIPAA) and internal security policies.

· Analyzed Nexpose reports to generate actionable remediation plans, reducing the organization’s exposure to critical vulnerabilities.

· Integrated Nexpose with SIEM solutions to enhance real-time monitoring and vulnerability alerting.

Azure Sentinel: Knowledge and experience in implementing and managing Azure Sentinel for threat detection and response is must.

Skills and Achievements:

· Deep familiarity with CTVL as a vital resource for proactive threat intelligence and vulnerability management.

· Good familiarity and hands on in implementing and managing Microsoft Sentinel.

· Hands-on experience leveraging Nexposeto conduct vulnerability assessments, with a focus on ensuring comprehensive coverage across various network segments and applications.

· Proficient in interpreting vulnerability management data and translating it into actionable plans to reduce the organization’s attack surface.

· Familiar with integration of security tools like Nexpose and DAM with SIEM platforms to provide a unified security operations approach.

Soft Skills:

· Strong analytical abilities to identify and address vulnerabilities and incidents across multiple systems.

· Collaborative mindset for working with IT, development, and security teams to implement solutions derived from Azure Sentinel, DAM, CTVL, and Nexpose insights.

· Detail-oriented with the ability to document and report security findings, incidents, and resolutions clearly.

WHAT’S ON OFFER

You will be remunerated with an excellent base salary and entitled to attractive company benefits. Additionally, you will get the opportunity to enjoy a fun and collaborative work environment, alongside a strong career progression.

To submit your application, please apply online or email your UPDATED CV in Microsoft Word format to deepa@aven-sys.com. Your interest will be treated with strict confidentiality.

CONSULTANT DETAILS

Consultant Name: Deepa Shivakoti

Reg No: R1765546

Avensys Consulting Pte Ltd
EA Licence 12C5759

Privacy Statement: Data collected will be used for recruitment purposes only. Personal data provided will be used strictly in accordance with the relevant data protection law and Avensys' privacy policy.