AWS Security Engineer

Looking for an AWS Secuirty Engineer for Jan'26 start.

Location: Near Heathrow, London
Start Date: ASAP
Contract: 6months + (Inside IR35)
Day Rate: Competitive - Flexible for the right candidate
On-Site: 3 days/week

Responsibilities

• Oversee and execute the full vulnerability management life cycle across cloud environments, including discovery, assessment, prioritization, remediation, and reporting.

• Perform vulnerability scans on AWS resources, containers, and cloud workloads using enterprise-grade scanning tools.

• Review and analyze scan results to distinguish true positives, false positives, and valid exceptions.

• Collaborate with cloud, Linux, and application engineering teams to ensure timely remediation and patch deployment.

• Track remediation progress and deliver clear, consistent reporting to stakeholders.

• Investigate vulnerabilities and provide technical guidance on mitigation strategies or compensating controls.

• Maintain detailed documentation covering remediation plans, exceptions, and mitigation approaches.

• Continuously enhance vulnerability management processes through improved workflows, automation, and reporting.

• Stay current with AWS security advisories, emerging CVEs, and industry best practices.

• Support incident response activities related to cloud-based vulnerabilities.

• Deploy, configure, and manage CNAPP platforms across AWS environments.

• Ensure seamless integration between CNAPP solutions, cloud workloads, CI/CD pipelines, and the broader security ecosystem.

• Monitor platform health, alerts, and dashboards to ensure optimal performance.

Required Technical Skills

Cloud Security & AWS Expertise

• Strong understanding of AWS services: EC2, S3, VPC, IAM, RDS, Lambda, EKS

• Proficiency with security groups, IAM policies, roles, and permissions

• Familiarity with common AWS vulnerabilities, misconfigurations, and cloud hardening practices

Linux Administration

• Experience with package management, patching, services, permissions, and log analysis

Vulnerability Scanning & Analysis

• Hands-on experience with tools such as Qualys, Tenable, Rapid7, Prisma Cloud, or AWS Inspector

• Demonstrated ability to validate and prioritize vulnerabilities using risk context, CVSS scoring, and exploitability

• Skilled in identifying false positives and assessing true risk

• Experience performing technical remediation through patching, configuration updates, or compensating controls

Security Frameworks & Standards

• Familiarity with CVE databases, NIST standards, CIS benchmarks, and OWASP guidance

Preferred/Nice-to-Have Skills

• Scripting or automation experience (Python, Bash, PowerShell)

• Exposure to CI/CD, DevOps practices, or IaC tools such as Terraform or CloudFormation

• Knowledge of container and Kubernetes security concepts

• Experience with SIEM platforms and log analysis tools

• Relevant certifications:

  • AWS Security Specialty, AWS Solutions Architect

  • Security+, CEH, CISSP, or equivalent