Minimum 5 years’ experience in cyber security, with hands-on experience in Microsoft security services.
Resident Engineer shall possess at least one Microsoft Azure security certification (AZ-500) and one Microsoft Compliance-related certification (SC-900 / SC-300 / SC-400), with hands-on experience in compliance gap assessment and remediation for Azure and Microsoft 365 environments.
Additional certifications (AWS, CISSP, CISM, ISO 27001) are an added advantage.
Experience in compliance monitoring and audit support (e.g. NIST, PCI DSS, ISO/IEC 27001, PDPA, GDPR and the Cyber Security Act 2024).
Responsible for:
- Provide cyber security assurance and advisory oversight for Microsoft cloud environments by monitoring the design, implementation and effectiveness of Microsoft cloud security controls and configurations, to ensure alignment with the cyber risk appetite, security governance framework and compliance requirements, including but not limited to Microsoft cloud best practices, NIST, PCI DSS, ISO/IEC 27001, GDPR, PDPA and the Cyber Security Act 2024.
- Support cyber assurance activities, including CSRA review, internal audits, regulatory reviews, management assurance reporting and third-party assessments related to Azure, M365 and Power BI environments.
- Review and provide advisory input on cloud security policies, standards, procedures and baselines to ensure consistency across the Group, including subsidiaries where applicable.
- Monitor and report on the Azure, M365 and Power BI security posture and compliance status, including tracking risk trends, compliance gaps and remediation progress.
- Produce regular (e.g. weekly/monthly) security and compliance reports that provide visibility into the Microsoft cloud security posture, key risks, potential vulnerabilities and areas for improvement, to support informed management and governance decision-making.
- Act as a trusted advisor on Microsoft cloud-related cyber security risks, emerging threats, regulatory developments and industry best practices.