At a Glance
- Tasks: Take charge of AWS security and vulnerability remediation in a hands-on role.
- Company: Join a tech-driven organisation focused on data and digital platforms.
- Benefits: Competitive pay, hybrid work model, and opportunities for professional growth.
- Why this job: Make a real impact by enhancing cloud security and working with cutting-edge technology.
- Qualifications: Deep AWS security expertise and experience in DevSecOps practices required.
- Other info: Collaborative environment with a focus on innovation and career advancement.
The predicted salary is between 48000 - 72000 £ per year.
We are partnering with a technology‑led organization operating at scale in the data and digital platforms space, seeking an AWS Security & Vulnerability Remediation Engineer to support a focused cloud security improvement program. This is a hands‑on delivery role for a security engineer with deep AWS expertise who enjoys working directly with developers and platform teams to remediate real vulnerabilities in cloud environments, applications, and delivery pipelines.
The successful contractor will take ownership of end‑to‑end remediation of AWS and workload vulnerabilities, working closely with developers, data engineers, and an internal AWS Security Lead. The role combines strong AWS security fundamentals with practical DevSecOps and vulnerability management experience. AWS security is the primary technical focus; the ability to embed security into engineering workflows and drive findings through to closure is essential.
Key Responsibilities
- Own the full lifecycle of AWS and workload vulnerability remediation: validation, impact assessment, prioritisation, remediation, and closure.
- Partner with development and data teams to implement secure fixes across:
  - Application code
  - Infrastructure as Code (IaC)
  - Containers and serverless workloads
  - Operating systems and third‑party packages
AWS & Cloud Security (Essential)
- Deep, hands‑on AWS security experience across IAM, networking, compute, storage, serverless, and managed data services.
- Strong understanding of the AWS Well‑Architected Security Pillar.
- Practical experience implementing controls aligned to CIS AWS Foundations and NIST/ISO‑aligned frameworks.
- Proven experience implementing and validating least‑privilege IAM, roles, permission boundaries, SCPs, and access reviews.
- VPC segmentation, security groups, NACLs, private endpoints, WAF/Shield.
- Encryption in transit and at rest using KMS, TLS, and secrets management.
- Centralised logging and monitoring (CloudTrail, CloudWatch, Config, SIEM patterns).
- AWS‑native threat detection and posture management.
DevSecOps & Vulnerability Management (Essential)
- Strong understanding of modern SDLC, CI/CD, and DevSecOps practices.
- Demonstrable experience managing the full vulnerability lifecycle: Triage and validation, Risk‑based prioritisation (CVSS, EPSS, KEV), Remediation and verification, Reporting and evidence.
- Comfortable remediating findings across OS and package CVEs, Container images, Third‑party libraries, Serverless runtimes, Cloud misconfigurations.
- Ability to translate security findings into clear, actionable engineering tasks.
Engineering & Tooling
- Infrastructure as Code: Terraform and/or CloudFormation.
- Scripting and automation using Python, Bash, or similar.
- Container and serverless security exposure (ECR, ECS/EKS, Lambda).
- Experience with vulnerability and scanning tools such as AWS Inspector / Security Hub, Snyk, Trivy, Dependabot, Prisma, Qualys, Tenable (or equivalents).
- AWS certifications (Security Specialty, Solutions Architect, or equivalent).
- Experience securing data platforms on AWS (Glue, EMR, Redshift, Athena, RDS, OpenSearch, MSK).
- Secure coding knowledge in Python, Node.js, Java, or core development stack.
- Experience with policy‑as‑code and automated control enforcement (OPA, Conftest, tfsec, Checkov).
- Highly collaborative and pragmatic; comfortable working directly with engineers.
- Strong risk judgement and ability to balance security with delivery impact.
- Clear communicator, able to write concise remediation guidance and status updates.
- Ownership mindset — you drive remediation through to completion, not just identification.
AWS Security Engineer in London employer: Futureheads
Contact Detail:
Futureheads Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land AWS Security Engineer in London
✨Tip Number 1
Network, network, network! Get out there and connect with folks in the industry. Attend meetups, webinars, or even just grab a coffee with someone who works in AWS security. You never know who might have a lead on your next opportunity!
✨Tip Number 2
Show off your skills! Create a portfolio or GitHub repository showcasing your AWS security projects. This is a great way to demonstrate your hands-on experience and problem-solving abilities to potential employers.
✨Tip Number 3
Prepare for interviews by brushing up on common AWS security scenarios. Be ready to discuss how you would handle specific vulnerabilities or implement security controls. Practice makes perfect, so consider mock interviews with friends or mentors.
✨Tip Number 4
Don’t forget to apply through our website! We’ve got loads of opportunities that might be perfect for you. Plus, it’s a great way to get noticed by our hiring team directly.
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights your AWS security experience and aligns with the key responsibilities mentioned in the job description. We want to see how your skills match up with what we're looking for!
Craft a Compelling Cover Letter: Use your cover letter to tell us why you're passionate about AWS security and how your experience can help us improve our cloud security. Be genuine and let your personality shine through!
Showcase Your Projects: If you've worked on relevant projects, whether in a professional or personal capacity, make sure to mention them. We love seeing practical examples of your work and how you’ve tackled security challenges.
Apply Through Our Website: We encourage you to apply directly through our website. It’s the best way for us to receive your application and ensures you’re considered for the role. Plus, it’s super easy!
How to prepare for a job interview at Futureheads
✨Know Your AWS Security Fundamentals
Make sure you brush up on your AWS security knowledge, especially around IAM, networking, and the Well-Architected Security Pillar. Be ready to discuss how you've implemented security controls in past projects, as this will show your hands-on experience.
✨Demonstrate Your DevSecOps Experience
Prepare to talk about your experience with CI/CD pipelines and how you've embedded security into the software development lifecycle. Share specific examples of how you've managed vulnerabilities and worked with developers to implement secure fixes.
✨Showcase Your Problem-Solving Skills
Be ready to discuss real-world scenarios where you've triaged and remediated vulnerabilities. Highlight your ability to translate complex security findings into actionable tasks for engineering teams, as this is crucial for the role.
✨Communicate Clearly and Confidently
Practice explaining technical concepts in a way that non-technical stakeholders can understand. Clear communication is key, so prepare to present your remediation strategies and progress updates succinctly during the interview.