We are seeking an experienced and dynamic AWS DevSecOps Security Lead to join our team. This critical role is designed for a security-first professional who will take ownership and leadership of our AWS security initiatives. The AWS Security Lead will be responsible for ensuring the security and compliance of our AWS environments, implementing best practices, and leading a team of security professionals. This role is pivotal in safeguarding our cloud infrastructure and data, driving our security strategy, and ensuring the highest levels of protection against emerging threats.
Please Note: This role will require hands-on technical experience as well as design and architecture.
Key Responsibilities:
Develop and implement comprehensive AWS security policies, procedures, and best practices.
Monitor and manage security incidents and vulnerabilities across AWS environments.
Collaborate with IT, Development, Product, DevOps, and Operations teams to help design and assist to deploy secure cloud architectures.
Conduct regular security assessments, audits, and compliance checks.
Provide training and support on AWS security practices to internal teams.
Lead incident response efforts and forensic investigations for security breaches.
Automate security controls, data, and processes to improve metrics and operational support.
Stay current with emerging security threats, vulnerabilities, and best practices.
Develop and execute security strategies for cloud-based applications and infrastructure.
Take full ownership of AWS security operations and proactively lead security initiatives.
Optimise configurations to enhance security posture and maintain compliance.
Required Qualifications:
Extensive experience with a wide range of AWS services.
Extensive experience with AWS cloud security and related services (e.g., EC2, S3, VPC, IAM).
Proficiency in security tools and technologies such as AWS Security Hub, GuardDuty, and IAM.
Strong understanding of compliance standards (e.g., ISO 27001, GDPR, HIPAA).
Excellent problem-solving and analytical skills.
Hands-on experience with systems automation and deployment tools (e.g., Terraform, Jenkins).
Ability to translate security and technical requirements into business requirements.
Strong communication skills to interact with stakeholders at all levels.
Proven track record of leading security teams and owning security operations.