IT Security Manager (Cloud Security)

TL;DR

IT Security Manager (Cloud Security): Defining and executing the end-to-end security program across product, cloud, and corporate environments with an accent on GRC, AppSec, and AWS infrastructure. Focus on embedding security into the SDLC, implementing cloud guardrails, and managing incident response for a high-scale SaaS platform.

Location: On-site in Bandar Sunway, Selangor, Malaysia

Company

hirify.global is a creative software company providing high-scale consumer SaaS tools for image editing.

What you will do

• Establish and maintain security policies aligned with ISO 27001, SOC 2, and GDPR.
• Integrate security into the SDLC via threat modeling, secure coding standards, and CI/CD tooling (SAST/DAST).
• Operate cloud security controls in AWS, including identity management and policy-as-code.
• Coordinate incident response plans and manage centralized security logging and detection.
• Enforce identity lifecycle management and partner with Legal on privacy impact assessments.
• Deliver security awareness training and track operational risk metrics.

Requirements

• 6–10 years of experience in IT or application security.
• Hands-on expertise in AppSec, secure SDLC, and vulnerability management.
• Practical experience with AWS security services and cloud monitoring.
• Proficiency with security tooling (SAST, DAST, secret management).
• Strong knowledge of ISO 27001, SOC 2, PDPA, and GDPR.
• Must be based in or able to work on-site in Bandar Sunway, Malaysia.

Nice to have

• Certifications: CISSP, CCSP, AWS Security Specialty, or ISO 27001 Lead Implementer.
• Experience with Kubernetes, serverless security, or SBOM.
• Background in EdTech or high-scale consumer SaaS.

Culture & Benefits

• Comprehensive medical and insurance coverage.
• Optical and dental subsidies.
• Additional annual leave credited yearly.
• Professional growth opportunities through training and guidance.
• Diverse and challenging work environment.