AWS Cloud Security Engineer - Security Hub, GuardDuty, CloudWatch, CloudTrail - OUTSIDE IR35

AWS Cloud Security Engineer - Security Hub, GuardDuty, CloudWatch, CloudTrail - OUTSIDE IR35

A standout contract opportunity with a global, market-leading B2B SaaS organisation undergoing rapid evolution in cloud security, AI adoption, and modern engineering practices. As an AWS Cloud Security Engineer, you'll work directly with the CISO and take ownership of strengthening and maturing a complex, high-scale cloud environment.

This is a hands-on, technically rich role spanning cloud security engineering, deep incident response, proactive threat detection, and global collaboration across multiple regions.

Key Requirements:

• 5+ years' hands-on experience in cloud security or security engineering within AWS-centric DevOps environments.
• Strong technical depth across AWS services: IAM, VPC, EC2, S3, RDS, Lambda, and core networking.
• Proven experience in incident response, digital forensics, log analysis, and full life cycle incident handling.
• Expertise with AWS security tooling: Security Hub, GuardDuty, Detective, CloudTrail, CloudWatch, Inspector, etc.
• Practical Scripting ability (Python preferred) and IaC experience with Terraform.
• Solid understanding of ISO 27001, NIST CSF, and cloud security best practices.
• Familiarity with open-source security testing tools (BurpSuite, ZAP, Nikto, Metasploit, SQLmap).
• Highly self-managing - able to own work, drive outcomes, and operate autonomously.
• Proactive mindset with a strong ability to identify gaps, recommend improvements, and stay ahead of emerging threats.
• Excellent attention to detail in technical execution and documentation.
• Confident communicator across technical and non-technical teams.
• Willingness to participate in out-of-hours incident response when required.
• Able to start immediately or within 1 week
• Able to work onsite in Birmingham 1-2 days per week

What You'll Be Doing:

• Designing, implementing, and enhancing secure cloud infrastructure, services, and applications in partnership with DevOps teams.
• Conducting continuous security assessments, configuration reviews, and audits of AWS environments to identify vulnerabilities and drive remediation.
• Implementing and maintaining cloud security controls aligned to ISO 27001, NIST, and industry best practices.
• Developing security automation, tooling, and IaC processes to streamline and strengthen security operations.
• Owning and delivering security engineering projects end-to-end with high-quality documentation.
• Operating proactively - anticipating security needs, identifying risks, and driving improvements without waiting for direction.
• Responding to alerts from the outsourced SOC and validating threats using AWS native and third-party tooling.
• Leading and participating in global incident response activities: investigation, containment, eradication, and recovery.
• Performing advanced log analysis, digital forensics, and threat validation.
• Monitoring AWS/Azure and application security alerts and responding decisively.
• Participating in out-of-hours response (Time in Lieu provided), including early-morning collaboration with Australia-based teams.
• Documenting incident activity thoroughly across tickets, knowledge bases, and post-incident reports.
• Conducting threat modelling and reviewing log ingestion and alerting with the SOC.
• Providing expert guidance and mentorship to development, engineering, and operations teams.
• Collaborating across multiple time zones and contributing to global security initiatives.
• Staying ahead of emerging cloud threats, AWS security tooling, and defensive techniques - championing their adoption.
• Producing clear, structured documentation for tickets, processes, runbooks, and security standards.

£525-£550 per day. OUTSIDE IR35. Birmingham. 4 months.