Cloud Security Engineer

**Description**:
At BandLab Technologies, we are committed to delivering innovative solutions that prioritize security and user trust. As we expand our product offerings, we recognize the critical importance of safeguarding our cloud infrastructure. We are seeking a **Cloud Security Engineer** to join our backend team and lead our cloud security initiatives.

In this role, you will focus exclusively on securing our products and development processes, ensuring they remain resilient against evolving security threats. This is not an IT security role; it does not involve managing organizational devices, corporate accounts, or office networks. Instead, you will contribute to impactful projects that protect the core of our business, working within a collaborative environment that values innovation, knowledge-sharing, and professional growth. If you’re ready to make a tangible difference and grow alongside a supportive team, we’d love to hear from you.

**Key Responsibilities**:
**Security risk management**
- Identify and assess security risks and vulnerabilities across our multi-cloud environments (AWS, Azure, GCP).
- Develop and implement strategies to mitigate identified risks.

**Security enhancement projects**
- Plan, coordinate, and execute security enhancement projects from initiation to completion.
- Collaborate with engineering teams to integrate security best practices into the development lifecycle.

**Infrastructure security**
- Utilize Infrastructure as Code (IaC) methodologies to design and maintain secure cloud infrastructure.
- Develop tools and procedures for managing permissions and access controls.

**Vulnerability management**
- Conduct Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST).
- Perform penetration testing and configuration assessments to identify security weaknesses.
- Review vulnerability reports and guide remediation efforts.

**Incident response**
- Monitor systems for security breaches and respond to incidents promptly.
- Configure and manage Security Information and Event Management (SIEM) systems.
- Develop strategies to prevent future security incidents.

**Compliance and documentation**
- Ensure adherence to relevant security regulations and standards.
- Maintain and update security policies and procedures.
- Prepare for and facilitate security audits.

**Required Skills, Knowledge and Expertise**:
**Experience**
Minimum of 3 years in cloud security roles, with hands-on experience in architecting and implementing security solutions in at least one major cloud provider environment.

**Analytical skills**
Ability to define risks, identify threats, and develop actionable mitigation plans.

**Adaptability**
Comfortable working with various tech stacks and tools.

**Technical proficiency**
- Strong understanding of networking, client-server communication, and authentication protocols (e.g., OAuth/OpenID, SAML, SSO).
- Proficiency in Infrastructure as Code (IaC) tools and methodologies.
- Programming skills in languages such as Python, JavaScript/TypeScript, Java, C#, or Go.
- Experience with cloud monitoring and logging tools like Azure Log Analytics (Kusto), Google BigQuery (SQL), or AWS CloudWatch Logs Insights.
- Experience with serverless architectures and related technologies.
- Familiarity with containerization and orchestration tools, such as Kubernetes.
- Knowledge of cloud-native security services like AWS GuardDuty, Microsoft Defender, or GCP Security Command Center, Wazuh.

**Location and Benefits**:
This role is based in Singapore.

**Benefits**:

- Health insurance for employees and dependents, including cashless visits to panel clinics, hospitalization coverage in private hospitals, and dental insurance
- Paid annual leave, sick, childcare, marriage and volunteer leave
- Flexible work arrangement (where applicable)
- Structured job progression framework, clear career paths with opportunities for growth and advancement, regular performance reviews
- Quarterly bonus
- BandLab Technologies staff discounts on VMI Products, Cafe & Bar

**About BandLab Technologies**:
BandLab Technologies is a company that designs and develops innovative tools and services for the next generation of music creators: global social music creation network BandLab, digital audio workstation Cakewalk, artist services platform ReverbNation and beat marketplace Airbit.

A division of Singapore-based Caldecott Music Group, which also owns Vista Musical Instruments and NME Networks, the company’s mission is to break down the technical, geographical and creative barriers for musicians and fans worldwide.

BandLab is the flagship product of BandLab Technologies, and a leading social music creation network with a global reach of over 100 million users and growing. Its cross-platform creative ecosystem offers everything from a next-generation digital audio workstation, to an advanced suite of creator tools and features, to niche artist services. BandLab em