AWS Security Architect

Lynx Recruitment Ltd
Charing Cross, United Kingdom
2 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Compensation
£ 90K

Job location

Charing Cross, United Kingdom

Tech stack

Amazon Web Services (AWS)
Continuous Integration
Github
Identity and Access Management
Python
Lynx
Amazon Web Services (AWS)
Data Logging
Pulumi
Cloudformation
Gitlab-ci
Kubernetes
Purple Team (Cyber Security)
Terraform
Devsecops
Jenkins

Job description

Lynx are working with a leading consultancy who partner with fast-moving engineering teams who build and run their businesses in the cloud. They need pragmatic, code-literate security specialists.

The Role

They're looking for a hands-on AWS Security Architect who lives and breathes AWS. You'll dissect designs, model attack paths, and show engineering teams what good really looks like. Depending on the engagement, you might run a threat model, assess CI/CD pipelines, learn a vendor DSL for a PoC, or build internal tooling. They don't expect you to know everything - just to be curious, practical, and willing to dive in.

What You'll Do

  • Threat Modelling & Architecture Reviews: Break down AWS services, map trust boundaries, build attack trees, and define security requirements before code ships.
  • Security Automation: Build IaC-driven checks, Lambda/Step Function tooling, CI/CD gates, and CSPM rules to enforce secure defaults at scale.
  • Hands-On Testing & Hardening: Perform cloud-native testing (IAM escalation, container escape attempts, infra abuse) and guide fixes directly via PRs.
  • DevSecOps Enablement: Pair with platform teams, review Terraform/CloudFormation/Kubernetes, and promote least privilege, logging, and runtime controls.
  • Knowledge Sharing: Contribute to documentation, demos, and continuous learning within the team.

What You Bring

Must-Haves

  • Deep AWS internals knowledge
  • Technical/IT degree (2:1 or above)
  • Proven threat-modelling experience (STRIDE, attack trees, etc.)
  • Strong coding skills (Python, Go, Rust, etc.)
  • IaC expertise - Terraform, CrossPlane, Pulumi, CloudFormation, AWS CDK
  • CI/CD security automation experience (GitHub Actions, GitLab CI, Jenkins, etc.)

Nice-to-Haves

  • AWS Security Specialty, SANS, OSCP (skills over certificates, though!)
  • Multi-cloud or hybrid security experience
  • Container security & supply-chain/SBOM tooling
  • Applied cryptography fundamentals (KMS, envelope encryption, etc.)
  • Incident response or red/blue/purple team exposure
  • OSS security contributions or AWS community involvement

Requirements

  • Deep AWS internals knowledge
  • Technical/IT degree (2:1 or above)
  • Proven threat-modelling experience (STRIDE, attack trees, etc.)
  • Strong coding skills (Python, Go, Rust, etc.)
  • IaC expertise - Terraform, CrossPlane, Pulumi, CloudFormation, AWS CDK
  • CI/CD security automation experience (GitHub Actions, GitLab CI, Jenkins, etc.)

Nice-to-Haves

  • AWS Security Specialty, SANS, OSCP (skills over certificates, though!)
  • Multi-cloud or hybrid security experience
  • Container security & supply-chain/SBOM tooling
  • Applied cryptography fundamentals (KMS, envelope encryption, etc.)
  • Incident response or red/blue/purple team exposure
  • OSS security contributions or AWS community involvement

About the company

Lynx are working with a leading consultancy who partner with fast-moving engineering teams who build and run their businesses in the cloud. They need pragmatic, code-literate security specialists.

Apply for this position