Job title- AWS Security Engineer
Location-Gloucester (Initially Remote)
Client-Renowned Software/IT Consulting firm
Contract-3-6 months (Extendable)
Day rate-£350-£400 (Outside IR35)
Implement IaC (Infrastructure-as-Code), zero-touch, security-shift-left strategies.
The target technical skill is a combination of strong InfoSec background, with Cloud Architecture experience and hands on DevOps skills – this entails:
- Experience in designing, architecting secure cloud solutions – this will require working with various business units to understand their most stringent data treatment plans and translate the requirements into solution architectures with traceable and measurable cloud security controls.
- The role is required to have in-depth knowledge of AWS Cloud native security tools such as Security Hub, WAF, CloudFront, CloudTrail, GuardDuty, KMS, IAM etc.
- Hands on experience in automation using Terraform, with skills in Python and Shell scripting. via AWS CodeBuild and equivalent non-cloud native CI/CD technologies.
- Well versed with working in software development mode to contribute towards writing the software modules for cloud security services (IaC) and also perform the necessary governance to review and approve code changes – example tools GitHub/git cli/visual studio/AWS cli and other equivalent tools.
- Additionally, implement complementary security tools and develop/write compliance-as-code to run within CI/CD pipelines to check the security aspects such as vulnerabilities, policy compliance, guard rail configuration etc.
Example tools include static code analysis, dynamic code analysis, software library dependency analysis and vulnerability assessment, RBAC privilege analysis, including opensource/3rd party vendor tooling etc.
- Develop and implement automation to automate the typical operational runbooks, otherwise dealt with manually.