OPTIMUM SOLUTIONS (SINGAPORE) PTE LTD is hiring for a Cloud Security Engineer internship — a 12-month, hybrid Government Policy role based in CHANGI BUSINESS PARK CRESCENT, Singapore. It is an unpaid internship. It is open to university students, typically in Year 2–4. Applicants with experience in Security Architecture, Certifications, Cloud Security, Enterprise Risk Management, and Risk and Regulatory are a strong fit.
⚡ New Government Policy internships, the moment they're posted — join our Telegram
About this role
Overview: The Cloud Security Engineer is responsible for strengthening cloud and hybrid infrastructure security through governance, risk management, architecture assurance, and continuous improvement of detection and response capabilities. Responsibilities: • Develop, document, and maintain cloud security policies, standards, and procedures aligned with regulatory expectations and organizational risk appetite. • Design and enhance risk assessment methodologies and security frameworks to ensure consistent evaluation and treatment of risks across cloud and enterprise environments. • Conduct architecture reviews and threat modelling for new and existing systems to identify design-level security risks and recommend mitigations. • Perform risk assessments and produce clear, actionable reports with prioritized remediation plans tailored to business impact and compliance requirements. • Review and tune detection rules, correlation logic, and security policies to improve alert quality, reduce false positives, and enhance detection effectiveness. • Collaborate with Security Engineering and SOC teams to continuously improve monitoring, detection, and response capabilities through iterative feedback loops. Requirements: • 5-7 years of experience in cloud security across AWS, Azure, or GCP in enterprise environments. • Good understanding of security architecture, infrastructure design, IAM, encryption, logging, and cloud-native security controls. • Experience in risk assessment methodologies, security frameworks, and enterprise risk management practices. • Familiarity with threat modelling techniques and identifying design-level vulnerabilities. • Hands-on experience with SIEM tools, detection rules, correlation logic, and alert tuning. • Ability to translate technical security risks into clear, prioritised remediation actions and risk-based reports. • Strong analytical skills with the ability to assess complex systems and prioritise risks effectively. • Experience in financial services, government, or similarly regulated industries is preferred. • Certifications such as CISSP, CISM, or cloud security certifications are advantageous.
Also in Government Policy