AWS Security Engineer

AWS Security Engineer - Glasgow/Hybrid - Outside IR35

Market Rates

Duration - 12 months

Harvey Nash are supporting a client seeking an experienced AWS Security Engineer to join their IT Infrastructure and Cyber function. This is a lead role in designing, implementing, and optimising AWS security controls across a multi-account cloud environment.

This role requires a strong blend of hands-on AWS security engineering and strategic design capability, supporting secure cloud adoption and ongoing platform maturity.

Key Responsibilities

The AWS Security Engineer will:

  • Design secure AWS architectures, including IAM strategy, access models, logging, monitoring, and compliance controls
  • Define secure hosting approaches across EC2, containerised workloads, and supporting services
  • Establish and enhance identity and access management frameworks, including RBAC and least-privilege models
  • Implement centralised logging, monitoring, and threat detection using AWS-native tooling (e.g. CloudTrail, GuardDuty, Security Hub)
  • Embed security controls into CI/CD pipelines, including automated vulnerability scanning and release governance
  • Design and deliver automated patching solutions using AWS Systems Manager
  • Support threat detection and response automation, reducing reliance on manual processes
  • Assess and optimise use of AWS-native security services, avoiding duplication and improving efficiency
  • Ensure visibility of assets, dependencies, and vulnerabilities across the estate
  • Contribute to secure, resilient multi-account architecture design aligned to AWS best practices
  • Work within a centrally governed AWS environment, engaging with platform teams on SCPs, guardrails, and policy controls
  • Produce clear security documentation, standards, and guidance, while supporting knowledge transfer across teams

Key Requirements

  • Proven experience (3+ years) in a senior AWS security engineering role
  • Deep hands-on expertise across AWS services including IAM, VPC, EC2, S3, CloudWatch, CloudTrail, Config, GuardDuty, and Security Hub
  • Strong experience designing fine-grained IAM models across multi-account environments
  • Expertise integrating AWS with enterprise identity providers (e.g. Okta, SSO, RBAC)
  • Experience implementing logging, monitoring, and audit frameworks for security and compliance
  • Strong understanding of vulnerability management, secure application practices, and patching strategies
  • Experience embedding security within CI/CD pipelines and DevSecOps practices
  • Knowledge of AWS Systems Manager, Inspector, and Config for operational security and compliance
  • Ability to identify and mitigate risks relating to sensitive infrastructure exposure and IAM metadata
  • Strong problem-solving and stakeholder engagement skills within complex cloud environments

Desirable Experience

  • AWS certifications (Security Specialty, Solutions Architect, DevOps Engineer)
  • Experience with Terraform or other Infrastructure as Code tooling
  • Exposure to public sector environments and constraints
  • Understanding of modern development frameworks and API technologies (REST/SOAP, API Gateway)

Please note that you must be eligible for BPSS clearance to commene this post.

To
From
Record Yes No

Always use these settings
Apply Now
Apply Now

Job Details

Company
S1jobs.com
Location
Edinburgh, UK
Posted