AWS Security Lead (DevSecOps)

We are seeking an experienced and dynamic AWS DevSecOps Security Lead to join our team. This critical role is designed for a security-first professional who will take ownership and leadership of our AWS security initiatives. The AWS Security Lead will be responsible for ensuring the security and compliance of our AWS environments, implementing best practices, and leading a team of security professionals. This role is pivotal in safeguarding our cloud infrastructure and data, driving our security strategy, and ensuring the highest levels of protection against emerging threats.

Please Note: This role will require hands-on technical experience as well as design and architecture.

Key Responsibilities:

1. Develop and implement comprehensive AWS security policies, procedures, and best practices.
2. Monitor and manage security incidents and vulnerabilities across AWS environments.
3. Collaborate with IT, Development, Product, DevOps, and Operations teams to help design and assist to deploy secure cloud architectures.
4. Conduct regular security assessments, audits, and compliance checks.
5. Provide training and support on AWS security practices to internal teams.
6. Lead incident response efforts and forensic investigations for security breaches.
7. Automate security controls, data, and processes to improve metrics and operational support.
8. Stay current with emerging security threats, vulnerabilities, and best practices.
9. Develop and execute security strategies for cloud-based applications and infrastructure.
10. Take full ownership of AWS security operations and proactively lead security initiatives.
11. Optimise configurations to enhance security posture and maintain compliance.

Required Qualifications:

1. Extensive experience with a wide range of AWS services.
2. Extensive experience with AWS cloud security and related services (e.g., EC2, S3, VPC, IAM).
3. Proficiency in security tools and technologies such as AWS Security Hub, GuardDuty, and IAM.
4. Strong understanding of compliance standards (e.g., ISO 27001, GDPR, HIPAA).
5. Excellent problem-solving and analytical skills.
6. Hands-on experience with systems automation and deployment tools (e.g., Terraform, Jenkins).
7. Ability to translate security and technical requirements into business requirements.
8. Strong communication skills to interact with stakeholders at all levels.
9. Proven track record of leading security teams and owning security operations.

Preferred Qualifications:

1. AWS Certified Security - Specialty, AWS Solutions Architect Professional, AWS Advanced Networking Specialty.
2. Experience with DevSecOps practices and CI/CD pipeline integration.
3. Strong scripting skills (e.g., Python, Bash) for automation purposes.
4. Experience with security architectures and designing secure cloud solutions.
5. Knowledge of advanced security concepts, including encryption, identity and access management, and threat modelling.

Work Environment:

1. This is a hybrid role with 2/3 days in the office.
2. Collaborate with global teams to ensure security measures are uniformly implemented.

Measuring Success:

1. Success in this role will be measured by the effectiveness of security strategies and their implementation.
2. Key metrics include the reduction of security incidents, adherence to compliance standards, and successful audits.
3. The ability to optimise configurations and maintain a robust security posture is critical.

Impact:

Your work will directly contribute to the safety and reliability of our services, ensuring customer trust and satisfaction.