We partner with fast-moving engineering teams who build and run their businesses in the cloud. They need pragmatic, code-literate security specialists and thats where you come in.

The Role

Were looking for a hands-on AWS Security Architect who lives and breathes AWS. Youll dissect designs, model attack paths, and show engineering teams what good really looks like. Depending on the engagement, you might run a threat model, assess CI/CD pipelines, learn a vendor DSL for a PoC, or build internal tooling. We dont expect you to know everything just to be curious, practical, and willing to dive in.

What Youll Do

• Threat Modelling & Architecture Reviews: Break down AWS services, map trust boundaries, build attack trees, and define security requirements before code ships.
• Security Automation: Build IaC-driven checks, Lambda/Step Function tooling, CI/CD gates, and CSPM rules to enforce secure defaults at scale.
• Hands-On Testing & Hardening: Perform cloud-native testing (IAM escalation, container escape attempts, infra abuse) and guide fixes directly via PRs.
• DevSecOps Enablement: Pair with platform teams, review Terraform/CloudFormation/Kubernetes, and promote least privilege, logging, and runtime controls.
• Knowledge Sharing: Contribute to documentation, demos, and continuous learning within the team.

What You Bring

Must-Haves

• Deep AWS internals knowledge
• Proven threat-modelling experience (STRIDE, attack trees, etc.)
• Strong coding skills (Python, Go, Rust, etc.)
• IaC expertise Terraform, CrossPlane, Pulumi, CloudFormation, AWS CDK
• CI/CD security automation experience (GitHub Actions, GitLab CI, Jenkins, etc.)

Nice-to-Haves

• AWS Security Specialty, SANS, OSCP (skills over certificates, though!)
• Multi-cloud or hybrid security experience
• Container security & supply-chain/SBOM tooling
• Applied cryptography fundamentals (KMS, envelope encryption, etc.)
• Incident response or red/blue/purple team exposure
• OSS security contributions or AWS community involvement
• Technical / IT degree (2:1 or above)