Logo

Senior Security Engineer, Cloud Security & Vulnerability Management

Crypto.com
Hong Kong
Full time
Hybrid

Overview

Department

IT

Job type

Full time

Compensation

Salary not specified

Location

Hong Kong, East Asia

Company size

Mature [ 50+ employess ]

Resume Assistance

See how well your resume matches this job role with our AI-powered score. By uploading your resume, you agree to our Terms of Service

Ready to apply?

You're one step away - it takes less than a minute to upload your resume

Seeking an intermediate security specialist for Global Cybersecurity Services. The role involves enhancing security technology, building AI-driven automation, and contributing to security operations and vulnerability management.

Requirements

  • 5-7 years of experience in Information Security, with technical hands-on experience in Security Operations, Security Engineering, Digital Forensics, Incident Response, Endpoint Security or Cloud Security.
  • Working Experience with SIEM, EPP/EDR/XDR, SOAR, Cloud Security (CSPM, Container Security, etc), Digital Forensics software & tools.
  • Deep expertise in Cloud environments like AWS, Azure and GCP.
  • Experience in Amazon EKS and Azure AKS for deploying, managing, and securing container orchestration platforms.
  • Experience in applying AI/ML in cybersecurity use cases.
  • Experience in using scripting languages to automate tasks and manipulate data or programming experience.
  • Highly self-motivated, attention to detail and outcome driven.
  • Proficiency in verbal and written English.

    • Responsibilities

  • Cloud & Container Security- Develop, deploy and maintain advanced cloud security controls to enable the prevention, detection and response to security threats in cloud and container environments. Configure and deploy cloud-native security controls (eg. AWS GuardDuty, Google SCC, Azure Security Centre, CSPM/KSPM, CNAPP solutions etc.)
  • Cloud Investigation and incident response- Proficient in end-to-end Incident Response. Able to take the lead and provide guidance during investigations and incidents to pivot the investigation, drive containment, mitigation and other security outcomes. Proficient in performing investigations using open source and proprietary tools, including but not limited to - EPP/EDR/XDR software, Digital Forensics tools/software, SIEM platforms
  • Configuration Management- Design, develop, and maintain Ansible playbooks for automating server configuration hardening in alignment with various compliance frameworks (e.g., CIS, PCI-DSS, NIST).
  • Cloud Vulnerability Management- Configure, execute and maintain regular vulnerability scans on cloud environments using industry standard tools. Analyze scan results to assess the severity of the vulnerabilities, leveraging industry best practices and frameworks (eg. CVSS, etc); and prioritise remediation based on risk and business impact.
  • Security Projects- Lead projects and initiatives that may involve - Cloud Security Posture Management (CSPM), Container Security, Native Cloud Security Enhancements (AWS, Azure, GCP), Runtime Vulnerability Management, Threat Hunting, Network/Endpoint/Cloud security reviews, etc.
  • Leadership- Be comfortable with cross-functional leadership and stakeholder management. Be willing to lead and nurture a small team of junior security specialists.
    • Company
    About
    Academy
    Pricing
    Partnerships
    Legal
    Terms
    Privacy
    Cookies
    Contact
    © All rights reserved.