AWS Security Engineer

New Yesterday

Job Description

AWS Security Engineer Role Overview Were looking for an AWS Security Engineer who can take ownership of cloud security across discovery, design, implementation, and large-scale workload migration. This role sits at the centre of a major AWS transformation program including Landing Zone establishment, EUC/Citrix-to-WorkSpaces modernisation, and full datacentre migration. Youll shape identity, compliance, guardrails, monitoring, MFA/Conditional Access, and ongoing hardening for production. Key Responsibilities Validate MFA, Conditional Access, encryption, logging in discovery phase. Design and embed IAM, RBAC, federation and authentication patterns into architectures. Define AWS security guardrails, SCPs, monitoring and compliance baselines. Configure IAM roles, key management, encryption, logging, CloudTrail, Config, GuardDuty, Security Hub. Support Landing Zone build-out including identity federation, tagging, audit, multi-account governance. Implement VDI/WorkSpaces/Citrix security hardening, MFA, Conditional Access and admin console security. Validate security during pilot migration and bulk migration (200+ workloads) across IAM, MFA, encryption, BCP. Support CIS benchmarking, public-sector standards, compliance tests and penetration test readiness. Tune monitoring dashboards, alerting and incident triage in hypercare. Required Skills & Experience Strong hands-on AWS security engineering background. Deep IAM / RBAC / SCP / AWS Organizations experience. Experience with MFA, Conditional Access, Entra AD federation. Knowledge of CIS, compliance, encryption, KMS, RPO/RTO. Experience enabling GuardDuty, Security Hub, CloudTrail, Config. Exposure to migration-scale security validation.

TPBN1_UKTJ

Apply

Location:: United Kingdom
Job Type:: FullTime
Category:: IT;IT