Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Conduct a thorough architecture review and security audit of a web application.
- Company: Dynamic IT services company focused on innovative solutions.
- Benefits: Flexible contract, competitive pay, and the chance to work with cutting-edge tech.
- Why this job: Make a real impact by ensuring the security and quality of a client’s application.
- Qualifications: 7+ years in backend/cloud engineering with strong Go and AWS skills.
- Other info: Opportunity to work independently and enhance your portfolio with high-stakes projects.
The predicted salary is between 48000 - 72000 £ per year.
We are an IT services company looking for an independent senior engineer to perform a thorough architecture review and security audit of a web application we developed for a client. The app was built by external contractors and we need an additional set of eyes to verify code quality, infrastructure security, and operational readiness before formal handover.
The Application
- Backend: Go (Golang), REST API, JWT auth, MySQL (Aurora Serverless), Redis
- Frontend: React 19, TypeScript, Tailwind
- Hosting: AWS — EC2 instances, Aurora Serverless v2, CodeBuild/ECR CI/CD pipeline, Secrets Manager, CloudWatch/Grafana monitoring
- Environments: 1 prod, 2 QA, 1 dev
Scope of work
- Access & Governance: Full AWS resource inventory — flag anything not in the architecture docs, IAM audit: users, roles, policies, access keys, credential age, Secrets Manager access policies, SSM session log review, Environment isolation verification
- AWS Infrastructure Review: VPC, subnets, security groups, NACLs — exposure assessment, Aurora, Redis, ECR configuration review, CI/CD pipeline integrity — build steps, IAM scoping, image provenance, Backup & monitoring verification, Run Prowler + IAM Access Analyzer (minimum), interpret and triage results
- Go Backend Code Review: Full route inventory vs. Swagger — flag undocumented endpoints, Auth implementation: JWT, RBAC, middleware consistency, Input validation, injection prevention, error handling, Static analysis for hardcoded secrets, suspicious outbound calls, unexpected background processes, Full git history review for sensitive changes and suspicious patterns, Dependency audit (CVEs, currency), Run Semgrep + Trufflehog/GitLeaks (minimum)
- Security Testing + Frontend: Active testing against dev/QA: auth bypass, role escalation, access control, injection, CORS, rate limiting, TLS, Frontend: env var leakage, token handling, dependency audit, Docker image scan (Trivy or equivalent)
- Reporting (to be discussed): Risk-rated findings report with evidence, Prioritized remediation plan, Access remediation list (immediate actions), Recommendation on whether a formal pentest is warranted, Walkthrough call to present findings
Required
- 7+ years backend/cloud engineering experience
- Strong Go proficiency — able to critically read and assess a codebase, not just "familiar"
- Deep hands-on AWS: IAM, VPC, Aurora, EC2, CodeBuild, Secrets Manager
- Experience with security tooling: Semgrep, Prowler, Trufflehog/GitLeaks, Trivy (or equivalents)
- Proficient with AI-assisted review tools (Claude, Cursor, or equivalent) to maximize coverage and depth
- Has conducted architecture reviews, code takeovers, or technical due diligence before
Nice to Have
- React/TypeScript familiarity
- Security certifications (OSCP, AWS Security Specialty)
- Experience with ScoutSuite, Snyk, or Burp Suite
What We Provide
- Read-only AWS access (dedicated IAM role)
- Read-only repository access including full git history
- Architecture documentation
- Non-production environment for security testing
- List of all personnel who had/have access
In Your Proposal, Please Address
- Your experience with Go codebases and AWS infrastructure audits
- Which security and AI tools you use in your review workflow and how
- An example of a third-party code review or takeover assessment you've done
- How you approach reviewing git history beyond just the current codebase state
- Your availability to start and complete within 5–7 business days
Contract duration of less than 1 month, with 30 hours per week.
Mandatory skills: Security Infrastructure, Vulnerability Assessment, Software Architecture & Design, AWS Amplify, AWS Application
Senior Go + AWS Engineer — Architecture Review employer: FreelanceJobs
Contact Detail:
FreelanceJobs Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Senior Go + AWS Engineer — Architecture Review
✨Tip Number 1
Network, network, network! Reach out to your connections in the industry and let them know you're on the hunt for a Senior Go + AWS Engineer role. You never know who might have a lead or can put in a good word for you.
✨Tip Number 2
Prepare for interviews by brushing up on your Go and AWS skills. Make sure you can discuss your past experiences with architecture reviews and security audits confidently. We want to see you shine!
✨Tip Number 3
Don’t just apply through job boards; head over to our website and submit your application directly. It shows initiative and gives you a better chance of standing out from the crowd.
✨Tip Number 4
Follow up after interviews! A quick thank-you email can go a long way in keeping you top of mind. Plus, it shows your enthusiasm for the role and the company.
We think you need these skills to ace Senior Go + AWS Engineer — Architecture Review
Some tips for your application 🫡
Show Off Your Go Skills: Make sure to highlight your experience with Go codebases in your application. We want to see how you've tackled similar projects and what you can bring to the table. Don't just say you're familiar; show us your expertise!
Be Specific About Your Tools: When discussing your workflow, be clear about the security and AI tools you use. We love seeing candidates who are up-to-date with tools like Semgrep or Trufflehog. This helps us understand how you approach security audits and architecture reviews.
Share Real Examples: Include an example of a third-party code review or takeover assessment you've done. This gives us insight into your practical experience and how you handle real-world challenges. We’re all about seeing your work in action!
Keep It Concise and Relevant: While we appreciate detail, make sure your application is concise and directly addresses the points in the job description. We want to see your availability and how you plan to complete the work within the specified timeframe. Apply through our website for the best chance!
How to prepare for a job interview at FreelanceJobs
✨Know Your Tech Inside Out
Make sure you’re well-versed in Go and AWS. Brush up on the specific technologies mentioned in the job description, like Aurora Serverless and CI/CD pipelines. Being able to discuss your hands-on experience with these tools will show that you’re not just familiar but truly proficient.
✨Prepare for Technical Questions
Expect deep technical questions about architecture reviews and security audits. Prepare to explain your approach to assessing code quality and infrastructure security. Practise articulating your thought process clearly, as this will demonstrate your expertise and problem-solving skills.
✨Showcase Your Past Work
Have examples ready of previous architecture reviews or security audits you’ve conducted. Be prepared to discuss the tools you used, like Semgrep or Trufflehog, and how they helped you identify vulnerabilities. This will give the interviewers confidence in your ability to deliver results.
✨Ask Insightful Questions
Prepare thoughtful questions about the company’s current projects and challenges. This shows your genuine interest in the role and helps you gauge if the company is the right fit for you. Questions about their tech stack or security practices can also spark a great conversation.
