Senior AWS DevOps Engineer at Department for Work & Pensions, Birmingham, Leeds, London, Manchester, Newcastle, Sheffield, 12 Months, £Contract Rate

  • Contract Spy
  • Birmingham, Leeds, London, Manchester, Newcastle, Sheffield
  • Jul 03, 2024
6 Months or more Information Technology

Contract Description


Senior AWS DevOps Engineer - Inside IR35

Contract Term: 12 Months

Contracting Authority: DWP

Location: Hybrid – London/Newcastle/ Leeds/Birmingham/Manchester/Sheffield

Note: SC Clearance is an essential requirement for this role, (as a minimum you will need to eligible for SC)


You will be integrated into the AWS Native Security project, a key strand of our Adaptive Security Programme designed to elevate DWP 's cybersecurity posture. This project is specifically focused on the implementation and optimization of native AWS security tools and controls, critical for identifying, mitigating, and securing the AWS estate from vulnerabilities and security weaknesses introduced through bad config.

Work Area/Project Context:

The AWS DevOps/SecOps engineers will be engaged in a dedicated project focused on securing DWP 's cloud infrastructure, part of our overarching cybersecurity enhancement strategy. This project is crucial for safeguarding our data, applications, and services hosted on AWS against evolving cyber threats and vulnerabilities.

Role and Responsibilities:

  • Ideally you will be Security Cleared to SC Level
  • You will lead the design and implementation of robust security architectures within DWP 's AWS environment. This includes creating and enforcing policies, practices, and security measures to protect our cloud-based systems.
  • Leveraging your in-depth knowledge of AWS native security tools, the engineers will configure and manage services like GuardDuty for threat detection, AWS Inspector for vulnerability assessments, and SCPs for policy application across a large number of AWS accounts, ensuring a comprehensive security coverage.
  • You will conduct regular assessments of DWP 's AWS security posture, identifying areas for improvement. This involves evaluating current security measures, detecting potential vulnerabilities, and implementing strategic enhancements to mitigate risks.
  • As a security leader in the cloud security domain, you engineers will work closely with other cybersecurity teams, AWS administrators, and development teams to ensure a cohesive and secure cloud infrastructure. They will guide and mentor team members on advanced security techniques in AWS.
  • Implementing and refining continuous monitoring mechanisms to detect and respond to security incidents in real-time. This includes setting up alerts, logs, and response protocols to quickly mitigate any identified threats.
  • Ensuring that all security implementations align with regulatory requirements and DWP 's internal governance policies. They will keep abreast of the latest AWS security features and compliance frameworks, integrating these into DWP’s cloud operations.
  • Innovation and Continuous Improvement: These engineers will not only address current security needs but also proactively research and integrate emerging AWS security technologies and practices. This forward-thinking approach aims to keep DWP at the forefront of cloud security.
  • By integrating these highly skilled AWS engineers into our cybersecurity framework, DWP aims to significantly elevate its defence mechanisms against cyber threats, ensuring that its AWS cloud infrastructure is robust, compliant, and optimised for security. Their contribution will be vital in achieving a resilient and secure cloud environment, supporting DWP 's business continuity and trustworthiness.

The project is ongoing, and the team have completed a successful discovery phase and are ready to deploy an alpha phase. This requires the completion and integration of the initial solution into the department 's CI/CD infrastructure and some trialling by software development teams.

Technical Skills:

  • AWS Security Services Proficiency: Deep understanding and hands-on experience with AWS security services such as AWS GuardDuty, AWS Inspector, AWS CloudTrail, AWS Config, and Service Control Policies (SCPs). Ability to leverage these tools to identify, monitor, and manage security vulnerabilities and threats.
  • Knowledge of cloud security frameworks, best practices, and industry standards. Familiarity with the AWS Well-Architected Framework, especially the Security Pillar, to build secure and resilient cloud applications.
  • Infrastructure as Code (IaC): Experience with IaC tools like AWS CloudFormation or Terraform to automate the deployment of AWS resources securely and efficiently.
  • Identity and Access Management (IAM): Expertise in managing access to AWS services and resources securely, using AWS IAM to control authentication and authorization.
  • Proficiency in designing and implementing secure network architectures within AWS, including knowledge of VPCs, security groups, NACLs, and VPNs.
  • Understanding of encryption methods and AWS services related to data encryption both at rest and in transit. Experience with AWS Key Management Service (KMS) and AWS Certificate Manager (ACM).
  • Knowledge of compliance requirements that impact cloud security (e.g., GDPR, HIPAA, SOC 2) and experience in implementing controls to meet these requirements.
  • Ability to design and execute incident response strategies within the AWS cloud, including the use of AWS CloudWatch, AWS Lambda, and other automated response tools.

Knowledge and Experience:

  • Several years of professional experience in cloud security, specifically within AWS environments, demonstrating a track record of implementing and managing comprehensive security strategies.
  • Experience leading projects with a focus on cloud security, showing capability in managing resources, timelines, and stakeholder expectations.
  • A commitment to continuous professional development, staying abreast of new AWS services, security trends, and techniques in cloud security.
  • provide a deep understanding of the technology domain but also demonstrate the ability to apply this knowledge to complex projects and initiatives.
  • The ability to make informed contributions to DWP’s decision making process to help enable the success of DWP’s projects and its security posture They shall be able to provide advice and leadership in their technical field.
  • Working with DWP, manage and mitigate risks, to help DWP ensure their security practices align with organisational goals and compliance requirements

If this role sounds like something that you would be interested in, please click the link to apply or get in touch with

Disability confident

As a member of the disability confident scheme, DWP guarantees to interview all candidates who have a disability and who meet all the essential criteria for the vacancy. In cases where we have a high volume of candidates who have a disability who meet all the essential criteria, we will interview the best candidates from within that group.

Armed Forces Covenant  

DWP is proud to support the Armed Forces Covenant and as such, we guarantee to interview all veterans or spouses / partners of military personnel who meet all the essential criteria for the vacancy. In cases where we have a high volume of ex-military candidates / military spouses or partners, who meet all of the essential criteria, we will interview the best candidates from within that group

If you qualify for the above, please notify us on

We will be in touch to discuss your suitability and arrange your Guaranteed Interview.

Should you require reasonable adjustments at any point during the recruitment process or if there is a more accessible way for us to communicate, please do let me know.

In applying for this role, you acknowledge the following, this role falls in scope of the Off Payroll Working in the Public Sector legislation. Any rates of payment quoted will reflect the gross rate per day for the assignment and will be subject to appropriate taxes and statutory costs. As such the payment to the intermediary and your income resulting from this contract will be different.

Please be aware that this role can only be worked within the UK and not Overseas.