Cloud & AI Security Architect
PropertyGuru Group · Bengaluru, Karnataka, India
Software Development · 1,001-5,000 employees
About the role
Design and operate secure cloud architectures across AWS and GCP, implementing guardrails and infrastructure-as-code pipelines. Extend security controls to AI/ML platforms, focusing on data protection and the mitigation of LLM-specific threat vectors.
What they look for
Requirements
Requires over 10 years of security engineering experience with at least 6 years specializing in AWS or GCP. Must possess deep knowledge of cloud-native security controls and a working understanding of AI/ML security frameworks like NIST AI RMF and OWASP Top 10 for LLMs.
Benefits
Full description
PropertyGuru is Southeast Asia’s leading PropTech company, and the preferred destination for over 32 million property seekers monthly to connect with over 50,000 agents monthly to find their dream home. PropertyGuru empowers property seekers with more than 2.1 million real estate listings, in-depth insights, and solutions that enable them to make confident property decisions across Singapore, Malaysia, Thailand and Vietnam.
PropertyGuru.com.sg was launched in Singapore in 2007 and since then, PropertyGuru Group has made the property journey a transparent one for property seekers in Southeast Asia. In the last 18 years, PropertyGuru has grown into a high-growth PropTech company with a robust portfolio including leading property marketplaces and award-winning mobile apps across its markets in Singapore, Malaysia, Vietnam, Thailand as well as the region’s biggest and most respected industry recognition platform – PropertyGuru Asia Property Awards, events and publications across Asia.
For more information, please visit: PropertyGuruGroup.com; PropertyGuru Group on LinkedIn.
Recognised as a Top Employers Certified* organisation, we’re proud to be among the best workplaces in the region—celebrating an inclusive culture of excellence, growth, and well-being.
Position Overview
We are seeking an experienced, hands-on Staff Security Engineer with deep expertise in securing large-scale cloud environments on AWS and GCP. The ideal candidate has spent years designing, building, and operating cloud security architectures and controls — IAM, network security, encryption, detection, and guardrails — and brings a working knowledge of securing AI/ML workloads as these become a growing part of our cloud estate. You will play a pivotal role in hardening our multi-account, multi-region cloud footprint and in extending proven cloud security practices to AI-powered services, including generative and agentic AI implementations.
Primary Responsibilities
- Design, implement, and operate cloud security architectures across AWS and GCP: organization/account structures, SCPs and organization policies, IAM and permission boundaries, KMS and encryption strategy, VPC design and network segmentation.
- Build and maintain preventive and detective guardrails at scale — manage CSPM, security services (e.g., AWS Security Hub, GuardDuty, GCP Security Command Center), and automated remediation.
- Embed security into infrastructure-as-code pipelines (Terraform, CloudFormation): policy-as-code, pre-deployment scanning, drift detection, and secure module patterns.
- Secure container and Kubernetes workloads (EKS, GKE), including image supply chain, runtime controls, and workload identity.
- Own vulnerability management across the cloud estate: continuous discovery and asset inventory, cloud-native and agent-based scanning (workloads, containers, serverless), risk-based prioritization using exploitability and reachability context (e.g., EPSS, KEV, internet exposure), and driving remediation with workload owners against defined SLAs.
- Conduct security risk assessments, security design reviews, and threat modeling for cloud workloads, including AI/ML services and applications.
- Extend cloud security controls to AI/ML platforms and services (e.g., AWS Bedrock, etc.): data protection, access control, endpoint and API security, and controls for agentic AI components such as MCP servers and tool integrations.
- Develop and enforce security standards, policies, and baselines for cloud and AI/ML technologies, and drive their adoption across engineering teams.
- Collaborate with DevOps, Platform, Data, and Engineering teams to integrate security throughout the SDLC and ML lifecycle.
- Support monitoring and response for security incidents involving cloud and AI/ML infrastructure, ensuring rapid containment and remediation.
Required Qualifications
- Bachelor's degree or equivalent practical experience.
- 10+ years of overall security engineering experience, including security assessments, security design reviews, and threat modeling.
- 6+ years of hands-on cloud security engineering experience on AWS and/or GCP, with demonstrated depth in at least one and working proficiency in the other.
- Proven proficiency designing and implementing cloud-native security controls at scale: IAM, KMS, VPC and network segmentation, encryption, logging and detection, and multi-account/multi-project governance.
- Hands-on experience with infrastructure-as-code (Terraform, CloudFormation) and security automation.
- Experience running cloud vulnerability management programs, including risk-based prioritization and remediation tracking across multi-account environments.
- Working knowledge of AI/ML security risks — data privacy, model and endpoint security, prompt injection and related LLM threat vectors — and the ability to assess and quantify these risks using frameworks such as NIST AI RMF, OWASP Top 10 for LLM Applications, and MITRE ATLAS.
- Excellent analytical, problem-solving, and communication skills.
Preferred Skills
- Certifications such as AWS Certified Security – Specialty, Google Professional Cloud Security Engineer, or CISSP.
- Direct experience securing managed AI platforms, including guardrails, data isolation, and compliance automation for generative and agentic AI.
- Familiarity with adversarial ML techniques (evasion, poisoning, model inversion/extraction, jailbreak testing) and responsible AI practices.
- Experience with CNAPP, container security, and Kubernetes security tooling.
- Experience working in agile, multicultural, and cross-functional teams.
Soft Skills Required
- Strong interpersonal skills with excellent written and verbal communication.
- Uncompromising personal and professional integrity and ethics.
- Clear articulation of complex technical concepts to both technical and non-technical stakeholders.
- Creative and analytical thinking to navigate challenges and develop practical solutions.
- Sound, risk-informed judgment — evaluating situations logically to make decisions and anticipate potential risks.
- Effective prioritization and deadline management while managing multiple stakeholders.
Our commitment to you:
- Hybrid flexible working that focuses on outcomes over hours.
- Holistic rewards package covering your financial, physical & mental health.
- Multi-directional career development across all levels.
- Inclusive benefits like equal paternity leave, supporting all employees in work-life balance.
At PropertyGuru, you’ll be part of a Top Employers Certified* company that puts people at the heart of everything we do.