AWS Cloud Security Engineer

We set out to build the world's most trusted consulting firm - creating lasting impact for clients and pioneering a positive, people‑first way of working. We work with everyone from FTSE 100 names to bright new start‑ups, in every sector.

You’ll find us collaborating shoulder‑to‑shoulder with our clients, from the big picture right down to the detail: helping them define their strategy, deliver complex change, spot the right commercial opportunities, manage risk, or bring their purpose and sustainability goals to life. Our clients love how we get to know what makes their organisations tick – slotting seamlessly into their teams and being proudly geeky about solving their challenges.

We have hubs in Europe, the US, Asia and Australia, and we work all around the world – from a wind farm in Wyoming to a boardroom in Berlin. Find us wherever there’s a challenge to be tackled and an impact to be made.

Our Solutions & AI Labs (SAIL) practice focuses on helping clients control their data, turn them into actionable insights and better leverage them through the use of Machine Learning solutions directly embedded into businesses processes. We support clients across a number of industries and offer deep expertise in AI, ML, Cloud and Managed Solutions.

You will be using your experience to help build and maintain internal and client solutions. You would also be responsible to support the growth of our team, helping them to build the skills they need to solve our client’s challenges. Depending on the level, you can be a part of our leadership team, shaping the direction of the practice, growing the business and leading our people.

Although we do not expect you to be an expert in all of the below activities at the same time, our team consists of people who can both work as advisors to our clients as well as being able to bring deep technical knowledge when needed. The profile of our typical engagements is a reflection of that.

Key Responsibilities based on one of the below areas.

• Security Focused DevOps: Focus on the hardening of environments and ensuring policies are planned and enforced.
• Security Best Practices: Implement and advocate for security best practices in all aspects of the development and deployment lifecycle.
• Compliance and Risk Management: Ensure compliance with industry standards and manage risks associated with cloud deployments.

• CI/CD Systems: Design, architect, develop, deploy, and evolve CI/CD systems to help our clients transition to cloud‑based data analytics platforms (AWS, Azure, GCP) and leverage modern architecture patterns (e.g., APIs, events).
• Infrastructure as Code (IaC): Write and maintain Infrastructure as Code (IaC) and automate application deployment using industry‑standard tools and services.

• Requirements Gathering: Translate business requirements (both functional and non‑functional) into a simplified solution, ensuring compliance with the organisation’s strategy, policies and standards.
• Solution Design: Create high‑level designs and architectures which deliver on the needs of the project.

We’re looking for experienced engineers who can support and bridge the gap between the developers and consultancy teams in which solve our clients most complex issues and bring their solutions to life.

• You have 3+ years of experience in hands on delivery of Security Engineering, DevOps, DevSecOps and Cloud Security.
• You understand how to architect modern solutions in the cloud that are robust and scalable, striving for simplicity and low maintenance.
• You will have a mix of technical skills including some of the below:
• You have knowledge of designing and influencing the shift left mentality of deployment pipelines to incorporate security.
• Ability to write Infrastructure as Code (IaC) and automate application deployment using industry standard tools and services.
• Hands on experience on designing, architecting and implementing cloud security.
• Competent in at least one popular programming language, such as Python, JavaScript.
• Ability to justify and define best practices and standards, influencing the software development lifecycle policy.
• Experience in designing and adopting AWS Security tools such as:
  • Macie
  • Security Hub
  • AppConfig
  • IAM Analyzer
• Experience in architecting and owning AWS Landing Zones including Logging, Audit.
• Influence, drive and resolve the following security standards:
  • AWS Foundational Security best Practices
  • CIS AWS Foundations benchmark
  • NIST
  • PCI DSS
• We expect applicants to hold or be willing to obtain one of the following certifications or better:
  • AWS Professional Solutions Architect
  • AWS Specialty Security
  • Hashicorp: Terraform Associate
  • Certified Information Systems Security Professional (CISSP)
  • Certified Cloud Security Professional (CCSP)

Putting People First. Baringa is a People First company and wellbeing is at the forefront of our culture. We recognise the importance of work‑life balance and flexible working and provide our staff amazing benefits.

Some of these benefits include:

• Generous Annual Leave Policy: 5 weeks of annual leave at the start of each year, plus a 5‑Year Recharge benefit adding 2 weeks after 5 years of continuous service.
• Flexible Working: Hybrid working policy and more flexibility around taking unpaid leave.
• Corporate Responsibility Days: 3 days per year to help social and environmental causes.
• Wellbeing Fund: Annual People Fund to support wellbeing.
• Profit Share Scheme: All employees participate in the Baringa Group Profit Share Scheme.

We are proud to be an Equal Opportunity Employer. We believe that creating an environment where everyone feels a sense of belonging is central to our culture and that diversity is paramount to driving creativity, innovation, and value for our clients and for our people.

You can be a part of our ‘Great Place to Work’ – with our commitment to women and well‑being in the workplace for all.

We maintain high standards of environmental performance and transparency, with a commitment to Net Zero, SBTI‑verified Scope 1, 2, 3 emissions targets and the Better Business Act. We report our progress publicly and ensure that we are also externally assessed and scored through organisations like CDP and EcoVadis.

Our Corporate Social Responsibility (CSR) agenda is about giving back to the communities in which we live and work. We empower and encourage everyone in the firm to contribute, and support registered charities and organisations with a clear social or environmental purpose.

All applications will receive consideration for employment without regard to race, ethnicity, religion, gender, gender identity or expression, sexual orientation, nationality, disability, age, faith or social background. We do not filter applications by university background and encourage those who have taken alternative educational and career paths to apply. We would like to actively encourage applications from those who identify with less represented and minority groups. We operate an inclusive recruitment process, ensuring reasonable adjustments where needed. Please contact a member of our Recruitment Team to discuss further.

For UK & EU: Your personal data will be retained by Baringa for up to two years, in accordance with our UK Recruitment Privacy Notice / EU Recruitment Privacy Notice, to evaluate your application and meet our legal and reporting obligations. In line with the General Data Protection Regulation (GDPR), you have the right to request access to, rectification, or erasure (subject to legal limitations) of your personal data. For more information, please contact us at privacy@baringa.com.

For the USA: Your personal data may be retained by Baringa for up to two years, as outlined in our Recruitment Privacy Notice (AMER & APAC), to support the recruitment process and internal reporting requirements. Where applicable, and in accordance with relevant federal and state laws, you may have the right to request access to or correction of your personal information. For further details, please contact privacy@baringa.com.

For Australia & Singapore: Your personal data will be retained by Baringa for up to two years, in accordance with our Recruitment Privacy Notice (AMER & APAC). In line with the Australian Privacy Act and Singapore’s Personal Data Protection Act (PDPA), you may have rights to access, correct, or request limited deletion of your personal data. For more information, please contact us at privacy@baringa.com.