Enable job alerts via email!
AWS Cloud Security Engineer
Falcon Chase International
Remote
GBP 70,000 - 90,000
Full time
Generate a tailored resume in minutes
Land an interview and earn more. Learn more
Job summary
A technology solutions company in Greater London is seeking an experienced AWS Security Engineer to take ownership of cloud security strategies during a major AWS transformation. The role involves validating security controls, designing IAM patterns, and managing compliance across complex AWS environments. Ideal candidates should possess strong hands-on AWS expertise and a solid understanding of security frameworks, enabling robust security setups. This position offers the chance to shape security practices in a transformative cloud initiative.
Qualifications
- Strong hands-on experience as an AWS Security Engineer.
- Deep expertise in AWS IAM, RBAC, SCPs, and AWS Organizations.
- Experience implementing MFA and Conditional Access.
Responsibilities
- Validate MFA, Conditional Access, encryption, and logging during discovery.
- Design and embed IAM, RBAC, and authentication patterns into cloud architectures.
- Support AWS Landing Zone build-out with identity federation and multi-account governance.
Skills
Tools
We are seeking an AWS Security Engineer to take end-to-end ownership of cloud security across discovery, design, implementation, and large-scale workload migration.
This role is central to a major AWS transformation programme, including:
- AWS Landing Zone establishment
- EUC/Citrix-to-Amazon WorkSpaces modernisation
- Full on-premises datacentre migration
You will be responsible for defining and embedding security controls across identity, compliance, guardrails, monitoring, MFA/Conditional Access, and ongoing hardening of production environments.
- Validate MFA, Conditional Access, encryption, and logging during the discovery phase
- Design and embed IAM, RBAC, federation, and authentication patterns into cloud architectures
- Define AWS security guardrails, Service Control Policies (SCPs), monitoring, and compliance baselines
- Configure and manage IAM roles, key management, encryption, logging, AWS CloudTrail, AWS Config, GuardDuty, and Security Hub
- Support AWS Landing Zone build-out, including identity federation, tagging standards, auditing, and multi-account governance
- Implement security hardening for VDI/Amazon WorkSpaces/Citrix environments, including MFA, Conditional Access, and admin console security
- Validate security controls during pilot migrations and large-scale migrations (200+ workloads), covering IAM, MFA, encryption, and BCP requirements
- Support CIS benchmarking, public-sector standards, compliance testing, and penetration-testing readiness
- Tune monitoring dashboards, alerting, and incident triage during hypercare and post-migration phases
- Strong hands-on experience as an AWS Security Engineer
- Deep expertise in AWS IAM, RBAC, SCPs, and AWS Organizations
- Experience implementing MFA, Conditional Access, and Entra AD federation
- Solid understanding of CIS benchmarks, compliance frameworks, encryption, AWS KMS, and RPO/RTO
- Proven experience enabling and operating GuardDuty, Security Hub, CloudTrail, and AWS Config
- Exposure to security validation at migration scale within complex AWS environments
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
