AWS Security Engineer

Description

ASA Recruitment’s client, a Public Sector organisation in Edinburgh, are currently looking to recruit an AWS Security Engineer on a hybrid basis, for an initial 12 month contract (with potential extensions) on a rate c.£500/day outside of IR35 (based on experience).

The Role:

The AWS Security Engineer will work alongside our client’s IT Infrastructure and Cyber Team and will be responsible for designing, implementing, and optimising security controls across our client’s AWS cloud environment.

Essential Experience:

• Minimum 3 years’ experience in a senior AWS security engineering.
• Proven ability to design and implement secure cloud architectures, including identity, access, logging, monitoring, and compliance controls.
• Expert-level hands-on experience with AWS security and core services, including IAM, VPC, EC2, S3, CloudTrail, CloudWatch, Config, GuardDuty, and Security Hub.
• Strong experience designing and implementing IAM strategies, including cross-account access, role assumption, federation, and least privilege models. This includes designing fine-grained role structures across multi-account environments to replace overly broad access patterns.
• Experience integrating AWS environments with enterprise identity providers (e.g., Okta), including SSO and RBAC.
• Experience implementing logging, auditing, and monitoring solutions for security visibility and compliance.
• Experience in vulnerability management and secure application practices (including dependency scanning and patch management).
• Familiarity with AWS-native security and operational tooling such as Systems Manager, Inspector, and Config for compliance, patching, and inventory visibility.
• Understanding of sensitive infrastructure exposure risks (e.g. IAM metadata, topology, inventory) and implementation of appropriate access controls and protections.
• Experience embedding security controls within CI/CD pipelines, including automated vulnerability scanning and enforcing compliance gates on releases.
• Experience implementing automated patch management using AWS Systems Manager, including compliance monitoring and reporting.
• Experience implementing or supporting automated threat detection and response workflows using AWS-native or third-party tooling.
• Familiarity with tagging strategies, governance models, and security-focused operational controls.
• Excellent problem-solving skills with the ability to identify, assess, and remediate security risks across complex AWS environments, including multi-account setups.
• Effective communication and collaboration skills, with experience working alongside infrastructure teams and supporting knowledge transfer and security uplift.
• Experience working within centrally governed AWS Organizations environments, including understanding of SCPs and the ability to specify and request appropriate policy guardrails from a central platform team.
• Understanding of data security controls for sensitive personal and financial data within AWS, including encryption, S3 security configuration, and object-level logging.

Desirable Skills:

• AWS Certified Security – Specialty, AWS Certified Solutions Architect (Associate/Professional), or AWS Certified DevOps Engineer.
• Experience with Terraform or other IaC tooling for security control deployment and enforcement.
• Understanding of Public sector challenges and constraints
• Understanding of modern software development frameworks
• Understanding of SOAP and REST APIs, API Gateways & API Management

ASA Recruitment is one of Scotland’s largest independent multi-sector recruitment agencies. We specialise in providing effective tailored solutions for permanent, contract and temporary employment requirements for our Clients and Candidates. We are members of the REC and are ISO certified.

YOU SEEK WE FIND