Job Description
Looking for an AWS Secuirty Engineer for Jan'26 start.
Location: Near Heathrow, London
Start Date: ASAP
Contract: 6months + (Inside IR35)
Day Rate: Competitive - Flexible for the right candidate
On-Site: 3 days/week
Responsibilities
* Oversee and execute the full vulnerability management life cycle across cloud environments, including discovery, assessment, prioritization, remediation, and reporting.
* Perform vulnerability scans on AWS resources, containers, and cloud workloads using enterprise-grade scanning tools.
* Review and analyze scan results to distinguish true positives, false positives, and valid exceptions.
* Collaborate with cloud, Linux, and application engineering teams to ensure timely remediation and patch deployment.
* Track remediation progress and deliver clear, consistent reporting to stakeholders.
* Investigate vulnerabilities and provide technical guidance on mitigation strategies or compensating controls.
* Maintain detailed documentation covering remediation plans, exceptions, and mitigation approaches.
* Continuously enhance vulnerability management processes through improved workflows, automation, and reporting.
* Stay current with AWS security advisories, emerging CVEs, and industry best practices.
* Support incident response activities related to cloud-based vulnerabilities.
* Deploy, configure, and manage CNAPP platforms across AWS environments.
* Ensure seamless integration between CNAPP solutions, cloud workloads, CI/CD pipelines, and the broader security ecosystem.
* Monitor platform health, alerts, and dashboards to ensure optimal performance.
Required Technical Skills
Cloud Security & AWS Expertise
* Strong understanding of AWS services: EC2, S3, VPC, IAM, RDS, Lambda, EKS
* Proficiency with security groups, IAM policies, roles, and permissions
* Familiarity with common AWS vulnerabilities, misconfigurations, and cloud hardening practices
Linux Administration
* Experience with package management, patching, services, permissions, and log analysis
Vulnerability Scanning & Analysis
* Hands-on experience with tools such as Qualys, Tenable, Rapid7, Prisma Cloud, or AWS Inspector
* Demonstrated ability to validate and prioritize vulnerabilities using risk context, CVSS scoring, and exploitability
* Skilled in identifying false positives and assessing true risk
* Experience performing technical remediation through patching, configuration updates, or compensating controls
Security Frameworks & Standards
* Familiarity with CVE databases, NIST standards, CIS benchmarks, and OWASP guidance
Preferred/Nice-to-Have Skills
* Scripting or automation experience (Python, Bash, PowerShell)
* Exposure to CI/CD, DevOps practices, or IaC tools such as Terraform or CloudFormation
* Knowledge of container and Kubernetes security concepts
* Experience with SIEM platforms and log analysis tools
* Relevant certifications:
o AWS Security Specialty, AWS Solutions Architect
o Security+, CEH, CISSP, or equivalent