diff --git a/monitoring/securityhub-notifications/README.md b/monitoring/securityhub-notifications/README.md
new file mode 100644
index 0000000..bcba672
--- /dev/null
+++ b/monitoring/securityhub-notifications/README.md
@@ -0,0 +1,35 @@
+# securityhub-notifications
+
+This module sets up Cloudwatch Event rules which notify a given SNS topic to inform administrators of any SecurityHub findings.
+
+https://aws.amazon.com/security-hub/
+
+## Usage
+
+```
+module "sns-email-topic" {
+ source = "github.com/lalanza808/tf-modules.git/monitoring/sns-email-topic"
+}
+
+module "securityhub-notification" {
+ source = "github.com/lalanza808/tf-modules.git/monitoring/securityhub-notifications"
+ sns_topic_arn = module.sns-email-topic.topic_arn
+}
+```
+
+## Inputs
+
+You must provide one input, which is the SNS Topic ARN you wish to publish messages to.
+
+* `sns_topic_arn`
+
+You can provide these optional inputs:
+
+* `prefix`
+* `tags`
+
+See all inputs here: [variables.tf](./variables.tf)
+
+## Outputs
+
+None
diff --git a/monitoring/securityhub-notifications/main.tf b/monitoring/securityhub-notifications/main.tf
new file mode 100644
index 0000000..dbe169f
--- /dev/null
+++ b/monitoring/securityhub-notifications/main.tf
@@ -0,0 +1,25 @@
+resource "aws_cloudwatch_event_rule" "health" {
+ name = "${var.prefix}-aws-securityhub"
+ description = "Capture AWS SecurityHub incidents and notify operations SNS"
+
+ event_pattern = <