Cloud Security Engineer - Manila

Team Brief:

He/She will also assist in building necessary capabilities in cloud security technology enablement, collaborate with Architects and Cloud teams to enforce security by design, assessing information security risk and ensuring cloud security hygiene adoption are buried in day-to-day business.

• Design and implement cloud security controls and best practices across multi-cloud environments (AWS, Azure, GCP).
• Ensure cloud security guardrails are enforced, aligning with regulatory standards and industry best practices (e.g. NIST, CIS, ISO 27001, PCI-DSS)
• Work closely with Security Architect on risk assessments for cloud services and architectures to ensure compliance.
• Partner with Security Architect, Solution Architects, Cloud Team and engineering teams to embed security by design into cloud services, CI/CD pipelines, and Infrastructure-as-Code (IaC) deployments.
• Monitor and improve Cloud Security Posture Management (CSPM), ensuring continuous compliance and control effectiveness.
• Participation of internal audits and compliance reviews, by providing evidence of control effectiveness.
• Translate security requirements into practical cloud security solutions.
• Continuously research about new threats, vulnerabilities, and implement relevant cloud security controls when required, to ensure the business is well protected.

• Bachelor’s Degree in Computer Science, Information Security, or equivalent required, with at least 4-5 years of experience in Cloud Security.
• Solid understanding of cloud security, microservices network, serverless, containerized application and shared responsibility model across AWS, Azure, or GCP.
• Familiarity with regulatory and industry frameworks such as NIST CSF, CIS, ISO 27001, PCI-DSS.
• Hands-on experience with CSPM tools (e.g. Prisma Cloud, Aqua Security, Orca Security, AWS Security Hub, Azure Defender, GCP Security Command Center).
• Strong experience in designing and managing IAM, encryption and key management policies in the cloud.
• Excellent communication skills to engage stakeholders and influence adoption of cloud security controls.

Good To Have:

• Experience in security architecture and application security is a plus.
• Knowledge of security automation and Infrastructure-as-Code (Terraform, CloudFormation) is a plus.
• Ability to apply risk-based concept is a plus.
• Relevant certifications: CCSP, AWS Security Specialty, Azure Security Engineer, GCP Professional Cloud Security Engineer.

Personal Traits:

• Strong passion in Information Security.
• Can do attitude and work as a team.
• Possesses strong problem-solving skill, a sense of accountability, ownership and drive.
• Make confident decisions and drive results through others while fostering collaboration and innovatio