We are seeking a highly technical, forward-thinking Tech Risk or Assurance Analyst to join our cybersecurity team. In this role, you will be responsible for validating the design and operational effectiveness of our security controls across our entire enterprise landscape. This includes our complex multi-cloud infrastructure (Azure, Google Cloud, Huawei Cloud), our advanced security technology stack, and the global end-user computing environment. This position requires a hands-on technical practitioner who understands how to test system configurations and leverage Artificial Intelligence (AI) to automate and accelerate the assessment lifecycle. Roles & Responsibilities (R&R) • Conduct hands-on technical validation of security controls across Azure, Google Cloud (GCP), and Huawei Cloud environments. • Validate the effectiveness of critical defense platforms including Next-Gen SIEM/SOAR, EDR/NDR, WAF, SASE, CSPM, and Threat Intelligence integrations. • Assess controls protecting endpoints, mobile devices, identity and access management (IAM), and remote access protocols (Zero Trust/ZTNA). • evaluate the configuration and enforcement of PAM solutions (e.g., LAPS, enterprise vaulting solutions) to ensure least-privilege principles are maintained. • Evaluate architecture and deployments against industry best practices and frameworks (e.g., NIST, CSA CCoP). • Leverage AI tools to accelerate control mapping, evidence gathering, log analysis, and risk scoring. • Develop scripts and utilize AI to automate repetitive assurance tasks. • Translate complex technical findings from cloud, security stack, and endpoint assessments into clear, risk-based reports for stakeholders and executive leadership. • Identify control gaps and misconfigurations. Work closely with Cloud Architecture, IT Infrastructure, and Security teams to drive actionable remediation plans. • Continuously refine the cyber assurance methodology, utilizing AI insights to reduce assessment cycle times and improve the accuracy of control health metrics. Experience & Education: • Minimum 5 years’ experience in IT Security, Risk and Compliance. • Knowledgeable in security standards or regulations such as NIST CSF, ISO 27001, SOC2, CCOP (SG), PDPA (SG), GDPR(EU), MLPS(CN), Security by Design. Technical Skills • Security Technology Stack: Hands-on experience operating, configuring, or auditing enterprise security tools such as EDR/NDR, Next-Gen SIEM/SOAR, SASE, WAF, and PAM solutions. • Multi-Cloud Expertise: Technical understanding of native security controls, architecture, and deployment models in Microsoft Azure and Google Cloud Platform (GCP). Familiarity with Huawei Cloud or Cloud Security Posture Management (CSPM) platforms is highly desirable. • End-User Security: Strong understanding of endpoint hardening (Windows/macos), Mobile Device Management (MDM), Identity Providers (idp), and secure remote access architectures. • Control Validation: Proven experience practically testing controls (e.g., querying cloud apis, testing EDR detection capabilities, reviewing IAM policies, analyzing network flow logs) rather than relying solely on policy reviews. • Experience using AI to optimize work processes, summarize data, or generate automation scripts. • Familiarity with OT/ICS security standards or OT monitoring tools is a plus. Soft Skills • Independent worker with initiatives, positive attitude, and team player. • Good analytical skills and attention to details • Good verbal and written communication • Planning and organizational skills • Presentation skills