Contact

Cloud Security · 10+ years

Muhammad Azrin Jamaludin

Manager Cloud Security Engineer

Cloud Security Manager with over 10 years of experience in cybersecurity, cloud governance, and identity access management. Proven track record in leading cloud security architecture initiatives, DevSecOps integration, and regulatory compliance (RMiT, PCIDSS, ISMS). Adept at strengthening security postures across AWS environments and implementing advanced cloud-native and third-party security solutions.

Location Shah Alam, Malaysia
LinkedIn Profile
Connect on LinkedIn

Work Experience

Manager Cloud Security Engineer

Bank Islam Malaysia Berhad

07/2024 – Present

  • Led the implementation of AWS Control Tower, enhancing multi-account governance, security baselines, and compliance across the cloud environment.
  • Enhanced mobile app security to align with Bank Negara RMiT requirements.
  • Designed and enforced AWS SSO and SCP policies, improving access control and reducing unauthorized changes.
  • Collaborated on SOC setup and WAF reviews to enhance Layer 7 protection and threat detection for internal and customer-facing systems.
  • Automated cloud compliance monitoring and incident response using AWS Config, Security Hub, and Lambda functions.
  • Conducted regular cloud security posture assessments (CSPM) and remediation planning to mitigate misconfigurations and improve audit readiness.
  • Provided DevSecOps guidance to development teams, integrating security into CI/CD pipelines with Terraform, OPA, and AWS native tools.
  • Implemented 3rd Party Key Management Tools to enhance key management and encryption across Cloud Environment, ensuring compliance with Bank Negara encryption and data sovereignty requirements.
  • Enabled and configured AWS Shield Advanced for critical workloads, integrating with WAF, CloudFront, and Route 53 to protect against large-scale DDoS attacks and leverage AWS DDoS Response Team (DRT) support.

Deputy Manager Cloud Security Engineer

Bank Islam Malaysia Berhad (CDX)

04/2022 – 07/2024

  • Led Identity and Access Management (IAM) operations, overseeing the provisioning and governance of application user IDs, privileged access, and service identities.
  • Conducted regular Security Baseline Reviews and Identity Access Reviews (IARs) to ensure compliance and least-privilege access across cloud environments.
  • Managed AWS Network Security Groups (SGs) to enforce segmentation and control inbound/outbound traffic for cloud workloads.
  • Acted as Security Evaluator for the BIMB CDX Project, providing detailed assessments and recommendations on security architecture and controls.
  • Integrated Web Application Firewall (WAF) solutions into the AWS environment to protect applications from OWASP Top 10 threats and Layer 7 attacks.
  • Oversaw the resolution of Vulnerability Assessment and Penetration Testing (VAPT) findings across mobile apps, backend systems, and web platforms to ensure risk mitigation and compliance.

Assistance Manager / Senior Engineer

Payments Network Malaysia Sdn Bhd (PayNet)

01/2020 – 04/2022

  • Key management: Managing and implementing Digital Certificate for Message signing Certificate, SSL certificate in various platforms.
  • Identity Access Control for local Windows, Active Directories, Linux, MSQL, Oracle: periodic User ID Entitlement review, privilege IDs, service IDs and administrators user for quarterly review.
  • Identity Access Control for Native Application & Custom applications.
  • Establish Security Baseline for applications, servers and database: details and standard for Servers and application, including access matrix.
  • Audit rectification regarding Access control, based on PCIDSS, ISMC and Company Policies and Compliance requirement.
  • Identity & Access Management Project Technical Lead: Implementing IAM solutions (Okta) cloud solutions, PAM and IGA solutions.
  • Responsible for team improvement, including reducing manual work, scripts, SOP, and training for Security Access Control Team.

Security Engineer

Payments Network Malaysia Sdn Bhd (MyClear / MEPS)

08/2016 – 01/2020

  • Key management and Digital Certificate implementation (Message signing, SSL) across platforms.
  • Identity Access Control for Windows, Active Directories, Linux, MSQL, Oracle; Security Baseline for applications, servers and database.
  • Audit rectification for Access control (PCIDSS, ISMS and Company Policies).
  • Product Support for Windows, Linux, IBM, Oracle; support for Internal and External parties (Banks, Merchant & Vendor).

IT Technician

TeleDirect

02/2016 – 07/2016

  • Customer Support and Contact Centre; managing user computers and laptops; day-to-day support for internet and computer issues; server maintenance.

Junior Engineer

Payments Network Malaysia Sdn Bhd (MyClear — Bank Negara Subsidiary)

12/2012 – 08/2015

  • Key management, Identity Access Control, Security Baseline review; Operations and Product Support for PayNet products; Security System Access Control.

Skills

  • Linux & Windows Security
  • Security Baselines & Audit Compliance
  • AWS Security and Governance
  • Identity & Access Management (IAM, Okta, IGA)
  • Certificate and Key Management
  • Bash Scripts & Terraform

Personal Projects

Exploring CNAPP to replace CSPM

Evaluating CNAPP solutions to enhance or replace traditional CSPM tools.

CI/CD for user management in Cloud Environment

Automating access provisioning using Terraform, Jenkins, and AWS pipelines.

Education

Diploma in Internet Computing (Majoring in Network System)

Multimedia University, Malacca Campus · 2007 – 2011

Sijil Pelajaran Malaysia

Sekolah Menengah Seksyen 19 · 2005 – 2006

Certifications & Courses

CEH v910/2017 – Present
AWS Solutions ArchitectUdemy · 02/2021
AWS Cloud Practitioner EssentialsAWS Training · 08/2020
DevSecOps ProfessionalProfessional
AWS Certified Security SpecialtyAWS
AWS Solutions Architect AssociateAWS