AWS Security Engineer

Netherlands  ‐ Onsite


Amazon Web Services Cloud Computing Identity Management Infrastructure Management Security Managing Vulnerability Kubernetes Safety Principles Amazon Elastic Compute Cloud Automation Continuous Integration Common Vulnerability Scoring System (CVSS) Risk Analysis Cyberark Benchmarking Cloud Computing Security Regulatory Compliance Computer Networks Direct Connect Recruitment IT Risk Management Python (Programming Language) Linux Distribution Linux Security Modules Routing Open Source Technology Web Application Security Service Control Management Stakeholder Management Vulnerability Management Administrative Operations AWS Lambda Firewalls (Computer Science) Integration Tests Hashicorp Privileged Access Management Docker Programming Languages Microservices


AWS Security Engineer

Are you a passionate AWS professional with extensive experience building and automating platform infrastructure and services? We're searching for a talented individual to join our team.

You'll be an integral part of our platform team, collaborating closely with our talented architects, developers and engineers.

Key Activities
  • Develop and maintain secure and reliable cloud infrastructure OS patching.
  • Support and develop underlying AWS and Kubernetes infrastructure and services for security hardening
  • Implementation of ransomware resilient backups.

· Work with other teams to ensure compliance with Security Hub and Kubernetes Gatekeeper policies and troubleshoot technical security issues.

· Validating AWS services against CIS and AWS FSBP benchmarks.

· Practical experience analysing cloud infrastructure vulnerabilities to understand and communicate risks, concerns and outcomes of decisions.

· Detecting security misconfigurations with EKS deployments.

· Work with CI/CD and IaC to deploy common infrastructure and services on AWS and Kubernetes.

· Segment networks to simplify administration and reduce blast radius.

· Segment accounts and IAM permission sets to implement least privilege access.

· Implement IAM automation using IdentityNow and SSO using AWS Identity Center.

· Implement privileged access management including protecting privileged accounts and SSH keys using Cyberark.

· Implement and optimize web application security using AWS WAF and CDNs.

· Management of application and service credentials using AWS Secrets Manager and Cyberark.

· Stay on top of the latest security trends and develop expertise in emerging cloud security technologies.

What we are looking for

· AWS Security Specialist level or equivalent experience (ideally 4 years+ working with AWS and security).
  • Good knowledge of Linux distributions and Linux security fundamentals.
  • Security risk management and risk assessment using CVSS (Common Vulnerability Scoring System) and CVE (Common Vulnerabilities and Exposures).

· Demonstrable background in AWS networking including VPCs, transit gateways, routing, direct connect, network firewall, NGFW and WAF.

· Experience creating hardened golden AMIs using Hashicorp packer or EC2 image builder.

· Experience of at least one programming language (ideally Python) and creating AWS Lambda functions.

· Good understanding of AWS security best practices including:
  • Strong knowledge of IAM and service control policies (SCP).
    • AWS Config Rules and Remediations
    • General AWS security best practices including the AWS Foundational Security Best Practices (FSBP) standard.
    • Vulnerability management including common vulnerabilities and exposures.
    • AWS WAF
  • Familiarity with Docker, CI/CD and integration testing.
  • Good understanding of AWS microservices platforms and associated services including EKS, EC2 Worker Nodes, ECS, ECR, Inspector and CloudMap.
  • Good understanding of the CNCF landscape which contains common cloud native open source projects and proprietary products.
  • Excellent communication skills, both written and verbal, with the ability to effectively communicate technical concepts to non-technical stakeholders

Extra information

Start date: ASAP

Contract : 6 Months Contract with possibility of extension.

Darwin Recruitment is acting as an Employment Business in relation to this vacancy.
Start date
Darwin Recruitment
Published at
Project ID:
Contract type
To apply to this project you must log in.