AWS Security Engineer - Glasgow/Hybrid - Outside IR35
Market Rates
Duration - 12 months
Harvey Nash are supporting a client seeking an experienced AWS Security Engineer to join their IT Infrastructure and Cyber function. This is a lead role in designing, implementing, and optimising AWS security controls across a multi-account cloud environment.
This role requires a strong blend of hands-on AWS security engineering and strategic design capability, supporting secure cloud adoption and ongoing platform maturity.
Key Responsibilities
The AWS Security Engineer will:
- Design secure AWS architectures, including IAM strategy, access models, logging, monitoring, and compliance controls
- Define secure hosting approaches across EC2, containerised workloads, and supporting services
- Establish and enhance identity and access management frameworks, including RBAC and least-privilege models
- Implement centralised logging, monitoring, and threat detection using AWS-native tooling (e.g. CloudTrail, GuardDuty, Security Hub)
- Embed security controls into CI/CD pipelines, including automated vulnerability scanning and release governance
- Design and deliver automated patching solutions using AWS Systems Manager
- Support threat detection and response automation, reducing reliance on manual processes
- Assess and optimise use of AWS-native security services, avoiding duplication and improving efficiency
- Ensure visibility of assets, dependencies, and vulnerabilities across the estate
- Contribute to secure, resilient multi-account architecture design aligned to AWS best practices
- Work within a centrally governed AWS environment, engaging with platform teams on SCPs, guardrails, and policy controls
- Produce clear security documentation, standards, and guidance, while supporting knowledge transfer across teams
Key Requirements
- Proven experience (3+ years) in a senior AWS security engineering role
- Deep hands-on expertise across AWS services including IAM, VPC, EC2, S3, CloudWatch, CloudTrail, Config, GuardDuty, and Security Hub
- Strong experience designing fine-grained IAM models across multi-account environments
- Expertise integrating AWS with enterprise identity providers (e.g. Okta, SSO, RBAC)
- Experience implementing logging, monitoring, and audit frameworks for security and compliance
- Strong understanding of vulnerability management, secure application practices, and patching strategies
- Experience embedding security within CI/CD pipelines and DevSecOps practices
- Knowledge of AWS Systems Manager, Inspector, and Config for operational security and compliance
- Ability to identify and mitigate risks relating to sensitive infrastructure exposure and IAM metadata
- Strong problem-solving and stakeholder engagement skills within complex cloud environments
Desirable Experience
- AWS certifications (Security Specialty, Solutions Architect, DevOps Engineer)
- Experience with Terraform or other Infrastructure as Code tooling
- Exposure to public sector environments and constraints
- Understanding of modern development frameworks and API technologies (REST/SOAP, API Gateway)
Please note that you must be eligible for BPSS clearance to commene this post.
