Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Lead the remediation of cloud vulnerabilities in AWS and collaborate with developers.
- Company: Join a forward-thinking tech company focused on cloud security.
- Benefits: Competitive pay, flexible working options, and opportunities for skill development.
- Why this job: Make a real impact by enhancing cloud security and protecting vital data.
- Qualifications: Experience in AWS security and a solid understanding of DevSecOps practices.
- Other info: Dynamic role with potential for growth in a collaborative environment.
The predicted salary is between 36000 - 60000 £ per year.
We are looking to hire an AWS-focused security engineer to lead the remediation of cloud and application vulnerabilities across our AWS environment. You will work closely with Developers, Data Engineers, and our AWS Security Lead to validate findings, prioritise risk, implement fixes, and strengthen security controls. AWS security is your primary technical skill; a strong understanding of software development, DevSecOps practices, and vulnerability management is essential.
Key Responsibilities
- Own end-to-end remediation of AWS and workload vulnerabilities: confirm findings, assess impact, prioritise actions, and track through to closure.
- Partner with Developers and Data Engineers to implement secure fixes in code, infrastructure, and delivery pipelines (IaC, containers, serverless, OS/packages).
- Work with the AWS Security Lead to ensure remediation aligns with AWS security controls, internal risk policies, and compliance requirements.
- Improve and automate vulnerability management processes (e.g., scanning coverage, SLAs, exception handling, evidence capture).
- Embed security into CI/CD and the SDLC: shift-left reviews, secure coding guidance, dependency management, and pipeline guardrails.
- Configure, tune, and operate AWS security services (e.g., GuardDuty, Security Hub, Inspector, Config, IAM Access Analyzer) to reduce exposure and prevent repeat issues.
- Produce clear remediation guidance, runbooks, and reporting dashboards for both technical and non-technical stakeholders.
- Support incident response and post-remediation validation where high-risk findings are exploited or trending.
AWS / Cloud Security (Primary)
- Deep, hands-on AWS security experience across IAM, networking, compute, storage, serverless, and managed data services.
- Strong knowledge of the AWS Well-Architected Security Pillar and common control frameworks (CIS AWS Foundations, NIST/ISO-aligned controls).
- Demonstrable experience implementing and validating AWS security controls, including:
- IAM least privilege, roles, permission boundaries, SCPs, and access reviews
- VPC segmentation, security group/NACL design, private endpoints, WAF/Shield
- Encryption in transit and at rest using KMS, TLS, and secrets management
- Logging and monitoring: CloudTrail, CloudWatch, Config, centralised SIEM patterns
- Threat detection and posture management using AWS native services
Dev / DevSecOps / Vulnerability Management (Primary)
- Strong understanding of modern SDLC, CI/CD, and DevSecOps approaches.
- Proven experience managing the full vulnerability lifecycle: triage, prioritisation (CVSS/EPSS/KEV), remediation, verification, and reporting.
- Comfortable remediating a wide range of findings: OS/package CVEs, container images, third-party libraries, serverless runtimes, and cloud misconfigurations.
- Able to translate security findings into clear, practical tasks for engineering teams and coach on secure implementation.
Engineering & Tooling
- Infrastructure as Code: Terraform and/or CloudFormation; able to review and fix security weaknesses in IaC.
- Scripting/automation skills in Python, Bash, or similar to streamline remediation and control validation.
- Familiarity with container and serverless security (ECR, ECS/EKS, Lambda, image scanning, runtime hardening).
- Experience with common vulnerability and scanning tools (e.g., AWS Inspector/Security Hub, Snyk, Trivy, Dependabot, Prisma/Qualys/Tenable, etc.).
Nice to Have
- Security certifications such as AWS Security Specialty, AWS Solutions Architect, or equivalent.
- Experience supporting data platforms on AWS (Glue, EMR, Redshift, Athena, RDS, OpenSearch, Kafka/MSK).
- Knowledge of secure coding practices in Python/Node/Java or your core development stack.
- Experience with policy-as-code and automated control enforcement (OPA/Conftest, tfsec, Checkov).
Personal Attributes
- Highly collaborative and pragmatic; you enjoy working directly with engineers to ship secure fixes quickly.
- Strong risk judgement and the ability to balance urgency with operational impact.
- Clear communicator who can write concise remediation guidance and present progress to stakeholders.
- Ownership mindset: you drive remediation through to completion, not just identification.
AWS Security Engineer Contract employer: LGBT Great
Contact Detail:
LGBT Great Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land AWS Security Engineer Contract
✨Tip Number 1
Network like a pro! Attend industry meetups, webinars, or even local tech events. You never know who might be looking for an AWS Security Engineer just like you!
✨Tip Number 2
Show off your skills! Create a portfolio showcasing your AWS security projects or any vulnerability remediation you've done. This can really set you apart from the crowd.
✨Tip Number 3
Don’t just apply; engage! When you find a job on our website, reach out to the hiring manager or recruiter on LinkedIn. A little initiative goes a long way!
✨Tip Number 4
Prepare for interviews by brushing up on common AWS security scenarios and how you’ve tackled them. Be ready to discuss your hands-on experience with tools like GuardDuty and Inspector!
We think you need these skills to ace AWS Security Engineer Contract
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights your AWS security experience and aligns with the key responsibilities mentioned in the job description. We want to see how your skills match up with what we're looking for!
Craft a Compelling Cover Letter: Use your cover letter to tell us why you're the perfect fit for this role. Share specific examples of your past work in AWS security and how you've tackled vulnerabilities. We love a good story!
Show Off Your Technical Skills: Don’t forget to mention your hands-on experience with AWS security services and DevSecOps practices. We’re keen to know about your familiarity with tools like GuardDuty, Inspector, and your scripting skills too!
Apply Through Our Website: We encourage you to apply directly through our website. It’s the best way for us to keep track of your application and ensure it gets the attention it deserves. Plus, we can’t wait to hear from you!
How to prepare for a job interview at LGBT Great
✨Know Your AWS Security Inside Out
Make sure you brush up on your AWS security knowledge, especially around IAM, VPCs, and the Well-Architected Security Pillar. Be ready to discuss specific AWS services like GuardDuty and Inspector, and how you've used them in past projects.
✨Showcase Your DevSecOps Experience
Prepare to talk about your experience with CI/CD pipelines and how you've embedded security into the software development lifecycle. Highlight any tools you've used for vulnerability management and how you've collaborated with developers to implement secure fixes.
✨Be Ready to Discuss Vulnerability Management
Familiarise yourself with the full vulnerability lifecycle, from triage to remediation. Be prepared to give examples of how you've prioritised vulnerabilities based on risk and how you've communicated these findings to technical and non-technical stakeholders.
✨Demonstrate Your Problem-Solving Skills
Think of specific challenges you've faced in previous roles related to cloud security and how you overcame them. This could include automating processes or improving existing security measures. Show that you have an ownership mindset and can drive remediation efforts to completion.
