Senior AWS Platform Engineer (Security)

Senior AWS Platform Engineer (Security)
£540.00 per day Umbrella
UK - Predominantly remote some travel to London / Manchester
Initially till end of March (likely contract extension)
SC Clearance Required

Our client is currently looking for an experienced Platform Engineer with a strong focus on AWS security architecture and governance. This role will ensure our cloud platforms are secure, compliant, and resilient by implementing best-in-class security practices across AWS environments. Leveraging your expertise in cloud technologies and best practices, you will work closely with tenants to architect, implement, and optimise solutions. You will collaborate with cross-functional teams to drive innovation and deliver exceptional value to our customers.

Responsibilities:

Cloud Security Tooling and Integration:

Design and implement security controls across AWS accounts and services.
Implement AWS security services such as GuardDuty, Security Hub, Macie, and KMS.
Configure and manage AWS Identity and Access Management (IAM), including roles, policies, and least-privilege principles.
Experience in protective and runtime vulnerability monitoring tooling such as Splunk, Tenable Nessus and Dynatrace AppSec respectively.
Conduct vulnerability scanning and remediation using tools like AWS Inspector, Snyk, or Trivy.Governance & Compliance:

Establish and maintain security baselines aligned with organizational and regulatory standards (ISO, NIST, CIS).
Integrate security guardrails using AWS Control Tower and Landing Zone Accelerator.
Conduct regular security posture assessments and audits.
Automation & Infrastructure as Code: -
Automate security configurations using Terraform, AWS CDK, or CloudFormation.
Embed security checks into GitHub CI/CD pipelines for continuous compliance.
Develop automated remediation workflows for security findings.Monitoring & Incident Response:

Implement monitoring and alerting for security events using AWS native tools and SIEM integrations.
Support incident response and root cause analysis for security breaches or vulnerabilities.
Maintain documentation and runbooks for security operations.
Collaboration & Enablement: -
Work closely with platform and application teams to embed security best practices.
Provide training and guidance on AWS security principles.
Act as a subject matter expert for cloud security within the organization.

Skills / Experience:

Security Services and Architecture: Strong hands-on experience with AWS security services (IAM, KMS, GuardDuty, Security Hub, Macie).
Cloud Security frameworks and standards: Knowledge of governance frameworks and compliance standards (ISO 27001, NIST, CIS benchmarks).
Platform Engineering: Proficiency in designing and implementing scalable, resilient, and secure platforms using public cloud (AWS, GCP).
Automation: Experience with infrastructure-as-code (IaC) practices, automation tools (e.g., Terraform, Ansible) and scripting languages (e.g. Python, Ruby).
DevSecOps Practices: Strong experience with CI/CD security integrations and DevSecOps Practices.
Network Security: Solid understanding of network security in AWS (VPC, security groups, NACLs).
Knowledge of continuous integration and deployment practices
Knowledge of Infrastructure as Code
Knowledge of deploying, managing, and configuring Kubernetes clusters in a Public Cloud environment
Ability to collaborate with people of all levels of technical ability
Understanding of industry best practices
Team player / Pro active

Qualifications

Certification in relevant cloud technologies (AWS, Azure, GCP) at an associate level is highly desirable, e.g.:

AWS Certified: Solutions Architect Associate
AWS Certified: Solutions Architect Professional