Do I need an AWS certification before taking this course?

No. While certification is not required, it’s recommended that learners complete AWS Security Essentials and Architecting on AWS to build a strong foundation before taking this course.

Will Security Engineering on AWS help me prepare for the AWS Certified Security – Specialty exam?

Yes. This course aligns closely with the AWS Certified Security – Specialty exam and covers the key topics and tools you’ll need to succeed. However, the certification exam voucher is not included with the course.

How will this course help me manage IAM and detect security threats in AWS?

You’ll gain hands-on experience with Identity and Access Management (IAM), CloudTrail, GuardDuty, and Security Hub—tools critical for controlling access and identifying suspicious activity across your AWS environment.

Does the course include hands-on labs?

Yes. You’ll work directly in AWS environments with real tools like KMS, CloudTrail, GuardDuty, and CloudFormation. Labs are embedded throughout the course to reinforce each security concept.

Is Security Engineering on AWS for beginners or advanced professionals?

This course is best suited for intermediate to advanced professionals who already have experience with AWS and foundational knowledge of cloud security principles.

Security Engineering on AWS

Name: Security Engineering on AWS
Price: 2025.00 USD
Availability: InStock
Rating: 4.5 (1200 reviews)

Price
$2,025.00 USD

Duration
3 Days

Delivery Methods
Virtual Instructor Led
Private Group

Add Exam Voucher
$300.00

Request More Information

Download Course Details

Course Details Only
Course Details & Schedule

Skip to Class Dates

Security Engineering on AWS Training Overview

Cybersecurity threats are escalating, and organizations need professionals who can efficiently use AWS security services to stay secure in the AWS Cloud. Security Engineering on AWS focuses on the security practices that AWS recommends for enhancing the security of your data and systems in the cloud. This course highlights the security features of AWS key services including compute, storage, networking, and database services. You'll also learn how to leverage AWS services and tools for automation, continuous monitoring and logging, and responding to security incidents.

Through hands-on labs and real-world scenarios, you'll gain practical experience in implementing security solutions, understanding specialized data classifications and AWS data protection mechanisms, and applying security best practices. This training is designed to help you stay secure in the AWS Cloud and prepare for the AWS Certified Security – Specialty certification.

Course Objectives

Security Engineering on AWS prepares you to design, implement, and manage secure infrastructure on the AWS cloud platform. You'll learn to protect applications and data from common security threats, perform and automate security checks, and configure authentication and permissions for applications and resources.

By the end of this course, you'll be able to monitor AWS resources and respond to incidents, capture and process logs, and create automated and repeatable deployments with tools such as AMIs and AWS CloudFormation. This course focuses on the security practices that AWS recommends for enhancing the security of your systems in the cloud.

Who Should Attend?

This course is intended for security engineers, security architects, and information security professionals.

Top-rated instructors: Our crew of subject matter experts have an average instructor rating of 4.8 out of 5 across thousands of reviews.
Authorized content: We maintain more than 35 Authorized Training Partnerships with the top players in tech, ensuring your course materials contain the most relevant and up-to date information.
Interactive classroom participation: Our virtual training includes live lectures, demonstrations and virtual labs that allow you to participate in discussions with your instructor and fellow classmates to get real-time feedback.
Post Class Resources: Review your class content, catch up on any material you may have missed or perfect your new skills with access to resources after your course is complete.
Private Group Training: Let our world-class instructors deliver exclusive training courses just for your employees. Our private group training is designed to promote your team’s shared growth and skill development.
Tailored Training Solutions: Our subject matter experts can customize the class to specifically address the unique goals of your team.

Module 1: Introduction to Security in the AWS Cloud

Understand the AWS Shared Responsibility Model
Explore core cloud security principles
Review incident response strategies in AWS
Align DevOps processes with security engineering

Module 2: Managing Identity and Access Control

Define and apply IAM policies, roles, and permissions boundaries
Use IAM Access Analyzer for insight into access risks
Implement multi-factor authentication (MFA)
Monitor access activity with AWS CloudTrail

Module 3: Securing Web Application Environments

Analyze threats to 3-tier application architectures
Address common risks around user and data access
Leverage AWS Trusted Advisor for continuous improvement

Module 4: Application Security at Scale

Harden Amazon Machine Images (AMIs)
Perform automated security assessments with Amazon Inspector
Apply secure configuration management with AWS Systems Manager

Module 5: Data Protection and Encryption Best Practices

Encrypt data in S3, RDS, DynamoDB, and Glacier
Apply key management strategies using AWS KMS
Use S3 Access Analyzer and Access Points for precise control

Module 6: Network Security and Traffic Protection

Implement best practices for securing Amazon VPCs
Use VPC Traffic Mirroring for deep packet inspection
Respond to compromised instances
Secure endpoints with AWS Certificate Manager and ELB

Module 7: Centralized Monitoring and Logging

Configure CloudWatch, AWS Config, and Amazon Macie
Enable VPC Flow Logs, ELB Logs, and S3 Server Access Logs

Module 8: Log Processing and Analysis

Aggregate log data with Amazon Kinesis
Analyze security events using Amazon Athena

Module 9: Securing Hybrid Cloud Architectures

Connect environments with VPNs and Direct Connect
Secure cross-region traffic with AWS Transit Gateway

Module 10: Building Global Resilience and DDoS Protection

Use Route 53 and CloudFront for edge-level protection
Defend against attacks with AWS WAF, Shield, and Firewall Manager

Module 11: Serverless Security Practices

Control access in serverless environments with Amazon Cognito
Secure APIs with API Gateway
Implement least-privilege execution in AWS Lambda

Module 12: Threat Detection and Investigation

Identify suspicious activity with Amazon GuardDuty
Consolidate findings in AWS Security Hub
Perform forensic analysis with Amazon Detective

Module 13: Secrets and Key Management

Manage encryption keys using AWS KMS and CloudHSM
Store and rotate secrets with AWS Secrets Manager

Module 14: Automating Security by Design

Create secure, repeatable deployments with AWS CloudFormation
Standardize infrastructure with AWS Service Catalog

Module 15: Governance and Account Management at Scale

Manage multi-account environments with AWS Organizations
Enforce controls using AWS Control Tower and AWS SSO
Integrate centralized identity with AWS Directory Services

Learning Credits: Learning Credits can be purchased well in advance of your training date to avoid having to commit to specific courses or dates. Learning Credits allow you to secure your training budget for an entire year while eliminating the administrative headache of paying for individual classes. They can also be redeemed for a full year from the date of purchase. If you have previously purchased a Learning Credit agreement with New Horizons, you may use a portion of your agreement to pay for this class.

If you have questions about Learning Credits, please contact your Account Manager.

Corporate Tech Pass: Our Corporate Tech Pass includes unlimited attendance for a single person, in the following Virtual Instructor Led course types: Microsoft Office, Microsoft Technical, CompTIA, Project Management, SharePoint, ITIL, Certified Ethical Hacker, Certified Hacking Forensics Investigator, Java, Professional Development Courses and more. The full list of eligible course titles can be found at https://www.newhorizons.com/eligible.

If you have questions about our Corporate Tech Pass, please contact your Account Manager.

Course Prerequisites

We recommend that attendees of this course have:

Working knowledge of IT security practices and infrastructure concepts
Familiarity with cloud computing concepts
Completed AWS Security Essentials and Architecting on AWS courses

Security Engineering on AWS Course Agenda

Module 1: Introduction to Security in the AWS Cloud

Understand the AWS Shared Responsibility Model
Explore core cloud security principles
Review incident response strategies in AWS
Align DevOps processes with security engineering

Module 2: Managing Identity and Access Control

Define and apply IAM policies, roles, and permissions boundaries
Use IAM Access Analyzer for insight into access risks
Implement multi-factor authentication (MFA)
Monitor access activity with AWS CloudTrail

Module 3: Securing Web Application Environments

Analyze threats to 3-tier application architectures
Address common risks around user and data access
Leverage AWS Trusted Advisor for continuous improvement

Module 4: Application Security at Scale

Harden Amazon Machine Images (AMIs)
Perform automated security assessments with Amazon Inspector
Apply secure configuration management with AWS Systems Manager

Module 5: Data Protection and Encryption Best Practices

Encrypt data in S3, RDS, DynamoDB, and Glacier
Apply key management strategies using AWS KMS
Use S3 Access Analyzer and Access Points for precise control

Module 6: Network Security and Traffic Protection

Implement best practices for securing Amazon VPCs
Use VPC Traffic Mirroring for deep packet inspection
Respond to compromised instances
Secure endpoints with AWS Certificate Manager and ELB

Module 7: Centralized Monitoring and Logging

Configure CloudWatch, AWS Config, and Amazon Macie
Enable VPC Flow Logs, ELB Logs, and S3 Server Access Logs

Module 8: Log Processing and Analysis

Aggregate log data with Amazon Kinesis
Analyze security events using Amazon Athena

Module 9: Securing Hybrid Cloud Architectures

Connect environments with VPNs and Direct Connect
Secure cross-region traffic with AWS Transit Gateway

Module 10: Building Global Resilience and DDoS Protection

Use Route 53 and CloudFront for edge-level protection
Defend against attacks with AWS WAF, Shield, and Firewall Manager

Module 11: Serverless Security Practices

Control access in serverless environments with Amazon Cognito
Secure APIs with API Gateway
Implement least-privilege execution in AWS Lambda

Module 12: Threat Detection and Investigation

Identify suspicious activity with Amazon GuardDuty
Consolidate findings in AWS Security Hub
Perform forensic analysis with Amazon Detective

Module 13: Secrets and Key Management

Manage encryption keys using AWS KMS and CloudHSM
Store and rotate secrets with AWS Secrets Manager

Module 14: Automating Security by Design

Create secure, repeatable deployments with AWS CloudFormation
Standardize infrastructure with AWS Service Catalog

Module 15: Governance and Account Management at Scale

Manage multi-account environments with AWS Organizations
Enforce controls using AWS Control Tower and AWS SSO
Integrate centralized identity with AWS Directory Services

Upcoming Class Dates and Times

Jul 28, 29, 30
8:00 AM - 4:00 PM

ENROLL $2,025.00 USD

Weekday Sessions / Guaranteed to Run
Virtual: Online - CST

Oct 29, 30, 31
8:00 AM - 4:00 PM

ENROLL $2,025.00 USD

Weekday Sessions / Guaranteed to Run
Virtual: Online - CST

Do You Have Additional Questions? Please Contact Us Below.

Contact Us about Starting Your Business Training Strategy with New Horizons

Security Engineering on AWS

Security Engineering on AWS Training Overview

Course Objectives

Who Should Attend?

Module 1: Introduction to Security in the AWS Cloud

Module 2: Managing Identity and Access Control

Module 3: Securing Web Application Environments

Module 4: Application Security at Scale

Module 5: Data Protection and Encryption Best Practices

Module 6: Network Security and Traffic Protection

Module 7: Centralized Monitoring and Logging

Module 8: Log Processing and Analysis

Module 9: Securing Hybrid Cloud Architectures

Module 10: Building Global Resilience and DDoS Protection

Module 11: Serverless Security Practices

Module 12: Threat Detection and Investigation

Module 13: Secrets and Key Management

Module 14: Automating Security by Design

Module 15: Governance and Account Management at Scale

Course Prerequisites

Security Engineering on AWS Course Agenda

Module 1: Introduction to Security in the AWS Cloud

Module 2: Managing Identity and Access Control

Module 3: Securing Web Application Environments

Module 4: Application Security at Scale

Module 5: Data Protection and Encryption Best Practices

Module 6: Network Security and Traffic Protection

Module 7: Centralized Monitoring and Logging

Module 8: Log Processing and Analysis

Module 9: Securing Hybrid Cloud Architectures

Module 10: Building Global Resilience and DDoS Protection

Module 11: Serverless Security Practices

Module 12: Threat Detection and Investigation

Module 13: Secrets and Key Management

Module 14: Automating Security by Design

Module 15: Governance and Account Management at Scale

Upcoming Class Dates and Times

Related Courses

Related Blog Posts