Security Engineer
Manus AI · Singapore · Full-time
Quick Summary
- Build and maintain global cloud security incident response mechanisms.
- Design, deploy, and maintain security solutions across multi-cloud platforms.
- Conduct regular vulnerability scans, risk assessments, and penetration tests.
Full Description
We are looking for a passionate and experienced Senior Information Security Engineer to join our top-tier tech team. You will be a key member of our security function, responsible for designing, implementing, and continuously improving security across our global multi-cloud environment. You will not only respond to security incidents but also drive forward-looking security strategies and technical innovation.
Key Responsibilities
- Threat Modeling & Incident Response: Build and maintain global cloud security incident response mechanisms, develop clear playbooks, and lead regular drills. Quickly handle complex security incidents, perform root cause analysis (RCA), and implement preventive measures.
- Security Architecture & Operations: Design, deploy, and maintain security solutions across multi-cloud platforms (AWS, GCP, Azure), ensuring architecture is scalable, resilient, and future-proof.
- Enterprise Security Leadership: Drive security strategy alignment with business processes, continuously raising organizational security maturity.
- Compliance & Automation: Ensure security practices meet international standards such as ISO 27001, ISO 27701, SOC 2. Promote security automation and “Security as Code” initiatives to improve operational efficiency.
- Vulnerability Management & Penetration Testing: Conduct regular vulnerability scans, risk assessments, and penetration tests. Track emerging threats and coordinate remediation efforts.
Qualifications
Required:
- Bachelor’s degree in Computer Science, Cybersecurity, or related field, with 3+ years of experience in information security.
- Strong expertise in cloud security, with hands-on experience in at least two major cloud platforms (AWS, GCP, Azure) and native security tools (e.g., AWS Security Hub, GCP Security Command Center).
- Solid Linux system security skills, including hardening, log analysis, intrusion detection, and incident response.
- Proven ability to handle high-pressure security incidents and perform clear post-incident reviews.
- Strong knowledge of web and application security, with experience in penetration testing and code audits.
Preferred:
- Recognized contributions to bug bounty programs or high-quality vulnerability reports.
- Strong performance in CTF competitions or deep interest in offensive/defensive security research.
- Professional certifications such as CISSP, CISA, OSCP, AWS/GCP/Azure security certifications.
- Experience developing security tools or automation scripts using Python, Go, or similar languages.