Cloud Security Engineer - SC Cleared - Inside IR35, Slough
Client:
SR2 | Socially Responsible Recruitment | Certified B Corporation
Location:
Slough, United Kingdom
Job Category:
Other
EU work permit required:
Yes
Job Views:
5
Posted:
31.05.2025
Expiry Date:
15.07.2025
Job Description:
SR2 is seeking two SC-cleared Cloud Security Engineers with deep expertise in AWS GuardDuty to support the delivery of secure and scalable cloud environments for a high-priority central government digital initiative.
This role will place you at the centre of cloud-native threat detection and response, with a specific focus on deploying, tuning, and operationalising GuardDuty. You will act as the subject matter expert for integrating GuardDuty across multiple AWS accounts and ensuring that detection capabilities are aligned to threat models, incident response playbooks, and compliance objectives.
Key Responsibilities:
* Act as SME for AWS GuardDuty: deployment, configuration, alert tuning, and integration with downstream response processes
* Work with platform, architecture, and SOC teams to embed GuardDuty into security operations and agile delivery workflows
* Define detection rules and thresholds aligned to business risk and threat profiles
* Advise on triage processes, integration with SIEM tooling, and use of GuardDuty findings for incident investigation
* Support wider AWS security efforts including posture management, governance, and compliance monitoring
Essential Skills & Experience:
* Extensive experience in cloud security engineering with a specific focus on AWS GuardDuty
* Strong understanding of AWS-native security services including IAM, KMS, CloudTrail, Security Hub, Config, and Macie
* Demonstrable experience in setting up governance frameworks using AWS Config Rules, SCPs, and AWS Organizations
* Familiarity with automating security controls using Python, Bash, or Infrastructure-as-Code tools (e.g., Terraform)
* Ability to operate effectively within government or highly regulated environments, and to articulate security risk in context
* Excellent documentation and communication skills with experience presenting findings and recommendations to technical and non-technical stakeholders
Desirable:
* Hands-on experience integrating AWS logs into SIEM platforms (e.g., Splunk, ELK) for correlation and alerting
* Familiarity with containerised workloads and security for EKS or similar environments
* Relevant AWS certifications (e.g., AWS Certified Security – Specialty, Solutions Architect)