AWS Cloud Security Engineer
Hong Kong
Qube Research & Technologies
Qube Research & Technologies (QRT) is a global quantitative and systematic investment manager, operating in all liquid asset classes across the world. We are a technology and data driven group implementing a scientific approach to investing. Combining data, research, technology, and trading expertise has shaped our collaborative mindset, which enables us to solve the most complex challenges. QRT’s culture of innovation continuously drives our ambition to deliver high quality returns for our investors.
Your Role at QRT
In this role, you will be responsible for securing and optimising our AWS cloud infrastructure. You will implement critical security controls and enhancements while collaborating with stakeholders across the business from IT and operations to risk management and executive leadership to ensure alignment with our overall security objectives.
- Cloud Security Implementation: Assist in refining our AWS security strategy by applying industry-standard controls and continuously enhancing our cloud security posture.
- IAM & Access Management: Help manage and optimise Identity and Access Management (IAM) frameworks, including the application of permission boundaries to enforce least privilege access.
- Policy Enforcement: Support the implementation and upkeep our Service Control Policies (SCP) and Resource Control Policies (RCP) across AWS accounts to ensure the consistent application of security best practices.
- Security Services Integration: Deploy and manage AWS security services (e.g., GuardDuty, Security Hub, CloudTrail, Config) to monitor, detect, and respond to threats while ensuring continuous security oversight.
- Encryption & Data Protection: Support the integration of encryption solutions such as KMS to protect sensitive data and maintain compliance with regulatory standards.
- Security Baselining: Help establish and maintain security baselines for AWS environments, continuously monitoring for deviations and ensuring adherence to compliance requirements.
- Automation Frameworks: Contribute to the development and deploy robust automation frameworks using Infrastructure as Code (IaC) tools such as Terraform or CloudFormation, enhancing operational efficiency and supporting proactive security improvements.
- Cloud Security Operations: Enhance our cloud security operations by leveraging tools and methodologies across CSPM, CWNP, and ASPM frameworks to continuously monitor, detect, and respond to security issues.
- Stakeholder Management: Engage with a wide range of stakeholders across the business to ensure the integration and alignment of security measures across all operational areas.
Your Skillset
- Experience: Minimum of 3 years in cloud security, platform security, or engineering roles, including related experience in fields such as DevSecOps.
- AWS Expertise: Experience with AWS cloud services and a deep understanding of AWS security best practices, including expertise in IAM, permission boundaries, SCP, and RCP.
- Technical Proficiency: Experience implementing and optimising secure cloud architectures while leveraging AWS security services to mitigate risks and protect critical assets.
- Security Baselining: Demonstrable experience in establishing and maintaining security baselines to ensure consistent and compliant cloud configurations.
- Automation & IaC: Exposure Infrastructure as Code (IaC) tools such as Terraform or CloudFormation, with a strong focus on developing and managing stable automation frameworks.
- Python Scripting: Familiarity in Python scripting to support automation and security tooling.
- Cloud Security Operations: Familiarity in managing cloud security operations utilising tools such as CSPM, CWNP, and ASPM to maintain continuous compliance and security oversight.
- Stakeholder Engagement: Experience in managing stakeholder relationships and collaborate effectively across various teams to align security initiatives with broader business objectives.
- Analytical & Collaborative: Strong problem-solving and analytical skills, with effective verbal and written communication to thrive in a dynamic, high-paced environment.
- Learning Orientation: Strong desire to grow within the cloud and security space, taking initiative and seeking mentorship where needed.
QRT is an equal opportunity employer. We welcome diversity as essential to our success. QRT empowers employees to work openly and respectfully to achieve collective success. In addition to professional achievement, we are offering initiatives and programs to enable employees achieve a healthy work-life balance.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Automation AWS Cloud Compliance CSPM DevSecOps Encryption IAM Monitoring Python Risk management Scripting Security strategy Strategy Terraform
Perks/benefits: Career development
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.