AWS Network and Security Lead

AWS Network and Security Lead is responsible for designing, implementing, and managing secure, scalable, and highly available cloud network infrastructures on Amazon Web Services (AWS). This role leads the strategy, governance, and execution of cloud networking and security architecture, ensuring the protection, compliance, and performance of enterprise workloads.

The position requires deep hands‑on expertise in AWS networking and security services, strong stakeholder and team leadership, and the ability to drive cloud‑security best practices across the organisation.

Key Responsibilities

Network Architecture & Engineering

• Design, implement, and optimize complex AWS network architectures using VPCs, Transit Gateways, Direct Connect, VPN, Elastic Load Balancing, Route 53, and PrivateLink.
• Define and manage network segmentation strategies, routing policies, and hybrid connectivity models.
• Ensure high availability, performance, and resiliency across multi‑region and multi‑account AWS network environments.
• Oversee IP address management (IPAM) and global traffic management.

Security Architecture & Operations

• Lead the design, implementation, and enforcement of AWS security controls and guardrails.
• Implement and manage AWS WAF, Shield, Security Groups, NACLs, KMS, IAM, SCPs, Organizations, Config, GuardDuty, Inspector, and Security Hub.
• Develop and maintain security baselines, network policies, and compliance frameworks (ISO 27001, CIS, NIST, PCI‑DSS).
• Perform threat modelling, vulnerability assessments, and risk analysis.
• Lead incident response processes for cloud security events.

Cloud Governance & Best Practices

• Define governance models for multi‑account AWS environments using Landing Zones/Control Tower.
• Establish and enforce tagging standards, monitoring standards, and network/security automation.
• Develop and maintain runbooks, playbooks, HLD/LLD documents.

Automation & DevSecOps

• Implement infrastructure as code (Terraform, CloudFormation, CDK) for network and security provisioning.
• Integrate security tooling into CI/CD pipelines.
• Automate compliance and drift detection using AWS native tools and scripting (Python/Bash).

Key Skills & Experience

Technical Expertise

• 7+ years of hands‑on AWS networking/security experience.
• Deep knowledge of IAM, KMS, Secrets Manager, Certificate Manager.
• Monitoring and logging with CloudWatch, CloudTrail, Lambda, OpenSearch.
• Strong understanding of Zero Trust, least privilege, defence‑in‑depth, and cloud‑native security models.

Tools & Technologies

• IaC: Terraform, CloudFormation, CDK.
• Security: GuardDuty, Security Hub, Shield, WAF.
• Scripting: Python, Bash.
• CI/CD: Jenkins, GitLab CI, GitHub Actions, AWS CodePipeline.

Seniority level

Mid‑Senior level

Employment type

Contract

Job function

Information Technology

Industries

IT Services and IT Consulting