Simplify Logo

Full-Time

AWS Security Lead

Threat Modeling, AWS,Rego Policies

Photon

Photon

Global AI and digital solutions provider

No salary listed

London, UK

In Person

Category
DevOps & Infrastructure (1)
Required Skills
Threat modeling
GraphQL
Role-based Access Control
AWS
Risk Management
Cryptography
DevOps
Requirements
  • Bachelor's degree in Computer Science, Information Security, or a related field. Relevant certifications or equivalent practical experience is a plus.
  • 7+ years of experience in information security, with a focus on AWS cloud security, threat modeling, and risk management.
  • Proven experience leading threat modeling exercises and designing secure systems within AWS.
  • Proven experience with Wiz, Turbot, Custom Rego Policies, Custom Org Constraints, and AWS GraphQL.
  • Deep knowledge of AWS security services (e.g., AWS IAM, VPC, KMS, GuardDuty, Security Hub, Inspector).
  • Hands-on experience with cloud-native security tools, frameworks, and standards (e.g., CIS AWS Foundations Benchmark, NIST, OWASP).
  • Experience with secure SDLC practices and DevSecOps methodologies.
  • Strong knowledge of threat modeling methodologies (e.g., STRIDE, PASTA, OCTAVE).
  • Familiarity with cloud-native security tools for monitoring, vulnerability management, and threat detection.
  • Understanding of encryption, tokenization, and data protection strategies in the cloud.
  • Expertise in IAM and access controls, including role-based access control (RBAC), policies, and permissions in AWS.
Responsibilities
  • Lead the development of threat models for AWS-based applications and infrastructure.
  • Conduct regular threat assessments and risk analyses for new and existing systems.
  • Collaborate with development, architecture, and DevOps teams to design security into the cloud-native architecture.
  • Create detailed reports, diagrams, and other documentation to communicate threat models, risk levels, and mitigation strategies.
  • Define security requirements for cloud-based applications and infrastructure, ensuring alignment with AWS security best practices.
  • Work closely with engineering teams to integrate security controls throughout the software development lifecycle (SDLC).
  • Evaluate and recommend security tools, platforms, and frameworks for effective threat detection, prevention, and response.
  • Serve as the subject matter expert on AWS security and threat modeling methodologies.
  • Provide guidance on cloud security principles, including identity and access management (IAM), data protection, network security, and incident response in AWS environments.
  • Stay current on the latest cloud security trends, AWS security features, and emerging threats.
  • Partner with other security leaders to ensure security considerations are integrated into all stages of development and deployment.
  • Assist in building a culture of security awareness across engineering and operations teams.
  • Lead workshops and training sessions to raise security awareness and improve threat modeling practices within the organization.
  • Lead post-incident reviews related to security breaches or vulnerabilities in AWS infrastructure.
  • Assist in the identification and resolution of security vulnerabilities related to AWS resources.
  • Collaborate with the Incident Response team to help identify root causes and implement lessons learned.
Desired Qualifications
  • AWS Certified Security – Specialty.
  • Certified Information Systems Security Professional (CISSP).
  • Certified Cloud Security Professional (CCSP).
  • Certified Information Security Manager (CISM).
Photon

Photon

View
Website

Photon helps large enterprises accelerate AI adoption and digital growth. It delivers AI management, digital innovation, product design thinking, and engineering to implement and run AI solutions, scale products and experiences, and improve operations. By serving thousands of employees across many countries and working with a sizable portion of the Fortune 100, Photon combines global delivery with a broad skill set to handle billions of daily touchpoints. Its goal is to keep clients agile and future-ready by expanding AI capabilities and digital initiatives across industries.

Company Size

N/A

Company Stage

N/A

Total Funding

N/A

Headquarters

London, United Kingdom

Founded

N/A

Simplify Jobs

Simplify's Take

What believers are saying

  • Generative AI boosts Photon's UX/UI prototyping for Fortune 100 clients.
  • Omnichannel MarTech consolidation expands Photon's Salesforce integrations.
  • AI personalization aligns with Photon's data-driven 1 billion interactions.

What critics are saying

  • Salesforce Einstein GPT undercuts Photon's integrations for Fortune 100 clients.
  • Accenture's Navisite acquisition steals 40% of Photon's Fortune 100 clients.
  • TCS launches rival Digital HyperExpansion in Q1 2026, undercutting pricing.

What makes Photon unique

  • Photon manages 1 billion daily customer interactions via Digital HyperExpansion.
  • Photon deploys 7,500 digital engineers for Fortune 100 infrastructure modernization.
  • Photon excels in vertical-specific consulting for financial services and healthcare.

Help us improve and share your feedback! Did you find this helpful?

Benefits

Health Insurance

Dental Insurance

Vision Insurance

401(k) Retirement Plan

Paid Vacation

Paid Holidays

Performance Bonus

Company News

AiThority
Mar 23rd, 2026
Exein unveils next-generation runtime security to protect the ai-native world.

Exein unveils next-generation runtime security to protect the ai-native world. * Photon blocks cyberattacks before execution across physical AI and IoT, autonomous AI agents and cloud and edge infrastructure * Kernel-level prevention sets a new standard beyond traditional user-space detection * Builds on Exein's position as the world's largest runtime security provider, protecting over two billion devices Mar 23, 2026 Prev Next 1 of 42,872 Exein, the global leader in runtime cybersecurity, unveiled Photon, a preemptive breakthrough solution that blocks cyberattacks at the point of execution. Designed for the AI-native world - where digital and physical systems are now inseparable - Photon marks a fundamental shift in how critical infrastructure protects itself. Unlike traditional cybersecurity solutions that detect threats after compromise - typically operating in user space and relying on a cloud network - Exein's Photon operates directly inside the kernel, preventing malicious execution paths before they can run. By blocking attacks before the point of execution, the technology dramatically reduces latency and eliminates entire classes of threats before damage occurs. If malicious instructions cannot execute, the attack itself cannot take place. This advancement establishes a new category of runtime security designed for systems that cannot be disconnected: physical AI and IoT environments, autonomous AI agents, and local hybrid cloud and edge infrastructure. In these environments, from industrial robotics and critical infrastructure to AI-driven platforms, downtime is not an option, and protection must be more precise and granular, blocking malicious threats without shutting down the entire process. The announcement at the RSA Conference (RSAC) comes as cyber threats increasingly target physical systems. Last month, the Munich Security Report 2026 warned that cyber operations are now engineered to cause real-world disruption, accelerating regulatory intervention after voluntary measures failed to address systemic vulnerabilities. At the same time, the speed of attacks is accelerating dramatically: recent threat intelligence shows average attacker 'breakout times' fell to just 29 minutes in 2025, 65% faster than the previous year, driven in part by AI-assisted automation. Protecting the digital and physical in the AI era Artificial intelligence is already capable of identifying vulnerabilities in software and infrastructure. In the near future, these models will not only detect weaknesses but exploit them autonomously to launch attacks at machine speed. As the scale and sophistication of these attacks grow, traditional runtime security systems that rely on detection alone will no longer be sufficient. Photon introduces a new model of preemptive runtime security designed for this AI-driven environment. Rather than detecting attacks after they begin, it prevents malicious execution paths from running in the first place, blocking threats in real time before they can impact the system. Unlike conventional security tools that operate in user space alongside the applications they protect, Photon operates directly within the kernel, the core of the operating system. By enforcing protection at this foundational layer, rather than merely detecting and stopping attacks, it prevents them from executing in the first place - all in real time. This marks a major milestone as physical and digital systems converge, positioning Photon as a new reference architecture for securing physical AI, agent AI and cloud and hybrid infrastructure. Gianni Cuozzo, Founder and CEO of Exein, said: "In a future where the world is infinitely connected with humanoid robots walking among Aithority, local LLMs powering intelligent edges, autonomous drones reshaping mobility, and billions of new autonomous systems bridging the digital and physical realms, preemptive runtime security represents the new generation of protection, built into the very DNA of every device from the ground up. "Exein was born to make this vision a reality: transforming every connected device into a fortress of security, forging the largest decentralised immune system for digital life - cross-vendor, cross-platform, and cross-system. We stand as the first line of defence between the boundless digital world and the physical one we live in, empowering manufacturers to build inherently safe innovations and already safeguarding over 2 billion devices worldwide."