Cloud Security Engineer

We are looking for an AWS Cloud Engineer to join our Service Infrastructure team in Solihull (West Midlands).

What you'll be doing

Reporting to the CISO you'll be involved in:

- Collaborating with DevOps teams to design and implement secure AWS infrastructure, services, and applications.

- Conduct regular security assessments and audits of AWS environments to identify and address potential vulnerabilities and risks.

- Implement and maintain security controls and compliance measures based on industry standards and regulatory requirements.

- Key member of the incident response efforts, conduct root cause analysis, and recommend corrective actions to prevent future incidents.

- Monitor AWS security alerts, events, and incidents, and respond promptly to mitigate security threats.

- Develop and implement security automation scripts and tools to streamline security tasks in the DevOps pipeline.

- Participate in threat modelling exercises and risk assessments to proactively identify security weaknesses and prioritize remediation efforts.

- Stay up-to-date with the latest security trends, tools, and technologies in the AWS ecosystem, and propose their adoption where appropriate.

- Provide security guidance and training to development and operations teams to foster a security-conscious culture.

- Be involved with projects to make sure security is taken into consideration.

Who we're looking for

we prioritise hiring individuals who share our values and possess the right attitudes and behaviours for success. Whilst some of the listed requirements may be important, don't worry if you don't meet all of them, we'd still like to hear from you.

- Minimum of 3 years of hands-on experience as a Security Engineer or related role in an AWS DevOps environment.

- Proficiency in AWS services and features, including IAM, VPC, EC2, S3, RDS, Lambda, and CloudFormation.

- Strong understanding of security best practices, principles, and frameworks, such as ISO 27001 controls and NIST Guidelines.

- Experience in implementing security automation using scripting languages e.g. Python and infrastructure-as-code (IaC) tools.

- Ability to perform security threat modeling and risk assessments to identify and prioritize security risks.

- Experience with security incident response and handling, including log analysis and forensics.

- Strong communication and interpersonal skills to collaborate effectively with cross-functional teams.

- In-depth knowledge of AWS Security Products and logging tools such as SecurityHub, Inspector, Detective, CloudTrail, GuardDuty and CloudWatch.

- Certifications such as AWS Certified Security Specialty are a plus.

- Have up to date knowledge on cyber.

- Good working knowledge of open-source Pen test tools i.e. Burpsuite, ZAP, Nikito, Metasploit, SQLmap.

What your impact and success looks like

As a Security Engineer we expect your success and impact in the early stages of your career with us to look something like this:

Within 1 month:

- Familiarity with Company Policies and Security Infrastructure

- Familiarity with AWS Security Best Practices and the business Setup

- Integration into DevOps Workflow

Within 3 months:

- Security Incident Handling and Remediation

- Security Automation and Tooling

- Security Compliance and Auditing

- Collaboration with Development Teams

Within 6 months:

- Threat Modelling and Risk Assessment

- Continuous Improvement Initiatives

- Security Incident Management

What's in it for you?

We operate a Flexible Working Policy and this role is predominantly a remote based position, but will require occasional trips to our Solihull office (near Birmingham).

We're offering the chance to really make a difference here at Client and the opportunity for personal growth is very real. You'll feel part of a special team. You can expect a highly competitive salary and some great benefits, including:

- 5.5% employer pension contribution

- 20 days annual leave (plus a day for your birthday)

increasing by a day for every year worked (capped at 24

days)

- Business permitting, we're closed over Christmas, to give you time back to your friends and family

- Formal and in-house training for your L&D plus access to Go1 - the world's largest online learning library

- Health benefits including Gym Flex, annual flu vaccinations and many others

- Season ticket loan

- Regular local and companywide social events including Tucker Thursday - mouth-watering cuisine delivered straight to the office doors once a month!

- Opportunity to participate in retail benefits and savings via our Benefits partner, Benni!