About

• QCP is Asia's leading digital asset partner, empowering clients to seamlessly integrate digital assets into their portfolios.
• We offer a comprehensive range of solutions - from spot on/off ramping and fixed income strategies to vanilla options and bespoke exotics.
• Driven by the vision to be the most trusted partner in digital asset markets, we provide innovative solutions that make digital assets a core component of every portfolio, balance sheet, and treasury.
• Since our founding in 2017, we have witnessed the potential of digital assets to transform financial markets and the world at large. We exist at the centre of change, successfully navigating three market cycles and bridging institutional and crypto ecosystems.
• We work to build trusted partnerships, putting client success and care at the heart of everything that we do.
• Responsibilities

• ● Cloud Adoption: Support the onboarding and offboarding to organization’s cloud platforms and services, and enhancing
• user experience through optimizing workflows and reduced onboarding timelines
• ● Cloud Infrastructure: Design, implement and maintain secure cloud environments such as firewalls, Cloud Network segmentation, IAM systems, and encryption to protect cloud infrastructure and data
• ● Cloud Operations: Manage virtual asset inventory, continuous monitoring of the cloud resource performance and establish BCP/DR plans and data backup procedures
• ● Multi-Cloud Security: Implement, monitor, and manage native security services across AWS (e.g., Security Hub,
• GuardDuty, Config, Service Control Policies, Control Tower) and/or Azure (e.g., Security Center/Defender for Cloud, Azure
• Policy, Key Vault, Azure Monitor)
• ● Security Automation & Infrastructure as Code (IaC): Design, implement, and manage security controls and infrastructure using IaC such as Terraform or Cloud formation to ensure deployments are compliant, repeatable and auditable
• ● Pipeline Security: Integrate automated security testing tools and processes into the CI/CD pipeline (e.g., SAST, DAST, IaC scanning) to enforce security gates before deployment
• ● Compliance & Auditing: Ensure all deployed cloud infrastructure adheres to internal security policies and external regulatory requirements
• ● Monitoring & Response: Configure and manage cloud native logging and monitoring solutions to detect security incidents and trigger automated responses
• ● Collaboration: Work closely with DevOps and IT teams to provide guidance on cloud security best practices and ensure a smooth, secure deployment process
• ● Adhere to change management process where applicable
• ● Create and maintain detailed documentation of runbooks, Standard Operating Procedures (SOPs), configurations, incident response playbooks, escalation procedures and communication workflows
• ● Collaborate with other departments, IT teams and vendors to implement and manage IT solutions
• ● Drive and support IT projects within the organization
• Proficiency with Terraform or Cloudformation for provisioning and managing secure cloud infrastructure.
• Practical experience with the security models and native security services of AWS and/or Azure.
• Strong scripting and automation skills (e.g., Python, Bash, Powershell) for developing custom scripts and automating remediation.
• Experience implementing and managing key security concepts such as Identity and Access Management (IAM), network security (VPC/VNet configuration, Firewalls, WAFs), and data encryption (in-transit and at-rest).
• Understanding of DevSecOps principles and CI/CD pipeline integration (e.g., using GitHub Actions or Bitbucket pipelines).
• Vendor Management: Liaise effectively with vendors to deliver quality and timely services and solutions
• Knowledge Base: Consistent and timely update of documentation for internal and external use
• Adaptable who will stay current with rapidly evolving cloud technologies and best practices
• Possess problem-solving and analytical skills with the ability to analyze complex issues and develop effective solutions
• Strong communicator who can explain technical information to both technical and non-technical audiences
• 3+ years of hands-on experience in a dedicated Cloud Security, DevOps, or Site Reliability Engineering role with a strong security focus.
• Good to have: Background in regulated industries or experience designing infrastructure to meet specific compliance frameworks.
• Good to have: Relevant industry certifications (e.g., AWS Certified Security - Specialty, Microsoft Certified: Azure Security Engineer Associate).
• Good to have: Experience with using cloud security solutions with AI enhancement
• The Environment We Offer
• As a growing firm with a tightly-knit team, we respect and listen to all our employees. You will get the chance to make an impact by having your voice heard by everyone, including the management.
• Our employees enjoy a high level of autonomy at work. We focus on substance, not form - as long as you can perform, you will be recognized and rewarded. We are also dedicated to supporting our staff and ensuring they develop holistically to maximize their potential in the long- term.
• We also provide flexible working arrangement as required and a casual and fun environment to boot!