This article outlines the responsibilities and required skills for a role focused on strengthening and scaling cloud security infrastructure in collaboration with security and development teams. It covers securing AWS environments, implementing IAM least-privilege policies, configuring and monitoring AWS security tools, conducting assessments and scans, reviewing integrations and APIs, supporting DevSecOps, documenting controls, monitoring logs, and assisting GDPR/UK data protection compliance.
Primary responsibilities
Work closely with security and development teams to strengthen and scale cloud security infrastructure. Key responsibilities include:
- Securing AWS environments and implementing IAM least-privilege policies.
- Configuring and monitoring AWS security tools: GuardDuty, CloudTrail, Security Hub, WAF.
- Conducting cloud security posture assessments and vulnerability scans.
- Reviewing SaaS, CRM, and third-party integrations.
- Supporting DevSecOps practices in CI/CD pipelines.
- Documenting security controls and incident response procedures.
- Monitoring logs and aiding incident investigations.
- Reviewing API and webhook security.
- Improving data protection for cloud storage and databases.
- Researching emerging cloud security threats.
- Assisting compliance with GDPR and UK data protection.
Security tools, assessments, and monitoring
Configuration and monitoring of security tooling are central to the role. This includes deploying and maintaining AWS-native tools and using them to detect and investigate issues.
- Configure and monitor GuardDuty, CloudTrail, Security Hub, and WAF for visibility and detection.
- Perform cloud security posture assessments to evaluate configuration and control gaps.
- Run vulnerability scans and interpret results to prioritize remediation.
- Monitor logs and support incident investigations based on detected events and alerts.
Integrations, DevSecOps, and documentation
The role supports secure integrations and development workflows while ensuring controls and procedures are clear and actionable.
- Review SaaS, CRM, and third-party integrations for security risks and configuration issues.
- Support DevSecOps in CI/CD pipelines to embed security checks and practices into development workflows.
- Review the security of APIs and webhooks used for integrations.
- Document security controls and incident response procedures to guide teams during assessments and incidents.
- Research emerging cloud security threats to inform controls and procedures.
Required skills
Successful contributors should demonstrate the following skills:
- Basic cloud computing knowledge (AWS preferred).
- Cybersecurity fundamentals.
- Familiarity with IAM, VPC, Security Groups, and CloudTrail.
- Web application security awareness (OWASP basics).
- Understanding of APIs and webhooks.
- DevOps and CI-CD concepts.
- Vulnerability scanning concepts.
- Basic Linux and networking knowledge.
- Strong analytical and communication skills.
In summary, the role focuses on securing cloud environments—primarily AWS—through tool configuration, assessments, integration reviews, DevSecOps support, documentation, log monitoring, and incident assistance. It requires a combination of cloud, security, development workflow awareness, and strong analytical and communication skills, and includes assisting compliance with GDPR and UK data protection.
