AWS Security Consultant

Who You'll Work With
We are seeking an experienced AWS Security Consultant to provide advisory and delivery services aligned with the standards of a top-tier consulting firm. This role will partner with enterprise clients to design, assess, and implement secure AWS environments that meet business, compliance, and regulatory requirements.

As a trusted advisor, you will lead security strategy sessions, assess current cloud security postures, and deliver AWS-native and third-party solutions that align with best practices. You will work across multiple industries, guiding clients through security transformation journeys and ensuring AWS adoption is secure, compliant, and resilient.

What You'll Do

• Serve as a client-facing advisor, providing strategic guidance on cloud security transformation, governance, and operating models.
• Conduct cloud security assessments, maturity evaluations, and gap analyses, producing recommendations aligned with regulatory frameworks (e.g., NIST, ISO 27001, CIS, PCI DSS, HIPAA).
• Design and implement AWS-native security architectures leveraging IAM, KMS, CloudTrail, Security Hub, GuardDuty, Macie, Detective, and Control Tower.
• Establish governance, risk, and compliance (GRC) frameworks for AWS adoption, including policy-as-code and automated compliance monitoring.
• Define and implement identity and access management (IAM) strategies, including federation, least privilege, and Zero Trust principles.
• Guide clients in adopting secure application and data architectures, including encryption, data loss prevention, and secure API integrations.
• Support incident response and forensics readiness through AWS-native logging, monitoring, and detection services.
• Integrate security into DevOps pipelines (DevSecOps) with automation for vulnerability management, code scanning, and compliance validation.
• Collaborate with client executives to articulate cloud security roadmaps, business cases, and investment priorities.
• Provide thought leadership via security workshops, executive briefings, and architecture reviews.

We are looking for candidates who are interested in working in a hybrid environment as we build the foundation and grow our team in Colombia. We offer a flexible working environment to balance the need to work independently, with days that may require in-person collaboration at our office.

What You'll Bring

• 8+ years of IT security experience with at least 4+ years focused on AWS security.
• Proven consulting experience delivering security assessments, compliance programs, and cloud security roadmaps for enterprise clients.
• Strong expertise in AWS security services (IAM, KMS, CloudTrail, GuardDuty, Macie, Security Hub, Detective, WAF, Shield).
• Deep knowledge of cloud governance, risk management, and regulatory compliance frameworks (NIST, ISO, CIS Benchmarks, SOC 2, HIPAA, PCI DSS).
• Hands-on experience embedding security into DevOps/DevSecOps pipelines and IaC (Terraform, CloudFormation, AWS CDK).
• Familiarity with cloud security reference architectures, Zero Trust models, and shared responsibility models.
• Strong communication and executive presentation skills with the ability to influence CISO and board-level stakeholders.
• Experience guiding large-scale AWS adoption programs from a security perspective.

About Us
Slalom is a fiercely human business and technology consulting company that leads with outcomes to bring more value, in all ways, always. From strategy through delivery, our agile teams across 52 offices in 12 countries collaborate with clients to bring powerful customer experiences, innovative ways of working, and new products and services to life. We are trusted by leaders across the Global 1000, many successful enterprise and mid-market companies, and 500+ public sector organizations to improve operations, drive growth, and create value. At Slalom, we believe that together, we can move faster, dream bigger, and build better tomorrows for all.