Entry - Level Software Security Engineer at Tektronix focusing on secure product development and automation scripting. Collaborating with engineers to maintain cybersecurity best practices and standards.
About the role
- AWS-focused security engineer responsible for remediating vulnerabilities in cloud applications. Collaborating with developers and data engineers to implement secure fixes.
Responsibilities
- Own end-to-end remediation of AWS and workload vulnerabilities: confirm findings, assess impact, prioritise actions, and track through to closure.
- Partner with Developers and Data Engineers to implement secure fixes in code, infrastructure, and delivery pipelines (IaC, containers, serverless, OS/packages).
- Work with the AWS Security Lead to ensure remediation aligns with AWS security controls, internal risk policies, and compliance requirements.
- Improve and automate vulnerability management processes (e.g., scanning coverage, SLAs, exception handling, evidence capture).
- Embed security into CI/CD and the SDLC: shift-left reviews, secure coding guidance, dependency management, and pipeline guardrails.
- Configure, tune, and operate AWS security services (e.g., GuardDuty, Security Hub, Inspector, Config, IAM Access Analyzer) to reduce exposure and prevent repeat issues.
- Produce clear remediation guidance, runbooks, and reporting dashboards for both technical and non-technical stakeholders.
- Support incident response and post-remediation validation where high-risk findings are exploited or trending.
Requirements
- Deep, hands-on AWS security experience across IAM, networking, compute, storage, serverless, and managed data services.
- Strong knowledge of the AWS Well-Architected Security Pillar and common control frameworks (CIS AWS Foundations, NIST/ISO-aligned controls).
- Demonstrable experience implementing and validating AWS security controls, including:
- IAM least privilege, roles, permission boundaries, SCPs, and access reviews
- VPC segmentation, security group/NACL design, private endpoints, WAF/Shield
- Encryption in transit and at rest using KMS, TLS, and secrets management
- Logging and monitoring: CloudTrail, CloudWatch, Config, centralised SIEM patterns
- Threat detection and posture management using AWS native services
- Strong understanding of modern SDLC, CI/CD, and DevSecOps approaches.
- Proven experience managing the full vulnerability lifecycle: triage, prioritisation (CVSS/EPSS/KEV), remediation, verification, and reporting.
- Comfortable remediating a wide range of findings: OS/package CVEs, container images, third-party libraries, serverless runtimes, and cloud misconfigurations.
- Able to translate security findings into clear, practical tasks for engineering teams and coach on secure implementation.
- Infrastructure as Code: Terraform and/or CloudFormation; able to review and fix security weaknesses in IaC.
- Scripting/automation skills in Python, Bash, or similar to streamline remediation and control validation.
- Familiarity with container and serverless security (ECR, ECS/EKS, Lambda, image scanning, runtime hardening).
- Experience with common vulnerability and scanning tools (e.g., AWS Inspector/Security Hub, Snyk, Trivy, Dependabot, Prisma/Qualys/Tenable, etc.).
- Security certifications such as AWS Security Specialty, AWS Solutions Architect, or equivalent.
- Experience supporting data platforms on AWS (Glue, EMR, Redshift, Athena, RDS, OpenSearch, Kafka/MSK).
- Knowledge of secure coding practices in Python/Node/Java or your core development stack.
- Highly collaborative and pragmatic; you enjoy working directly with engineers to ship secure fixes quickly.
- Strong risk judgement and the ability to balance urgency with operational impact.
- Clear communicator who can write concise remediation guidance and present progress to stakeholders.
- Ownership mindset: you drive remediation through to completion, not just identification.
Benefits
- Outside IR35
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
No Education Requirement
Tech skills
Location requirements
Senior Cybersecurity Engineer at GM Financial designing scalable security capabilities to mitigate threats. Collaborating across teams and leveraging automation for enhanced security measures.
Senior Security Implementation Consultant responsible for implementing security controls in HPC environments. Working with teams on PKI, PAM, IAM, and infrastructure security solutions.
Lead Security Architect at Synchrony focusing on Zero Trust networking across various environments. Partnering with teams to design and implement secure connectivity and policies.
Enterprise Account Specialist engaging with key clients to design customized solutions within sales. Conducting market research and driving contract renewals for mid - to - large accounts.
Senior Product Go - to - Market & Partner Strategy role at Fortinet involving business development and product management in the cybersecurity sector.
Cybersecurity professional executing the cybersecurity program at Nightwing Intelligence Solutions. Responsible for RMF documentation, vulnerability assessments, and incident response in Sterling, VA.
Senior Network Security Engineer driving Zero Trust security fabric design and optimization at CRC Group. Hands - on role managing Zscaler and Palo Alto implementations across multi - cloud environments.
Lead Cybersecurity Engineer driving security testing automation at AT&T. Collaborating with teams to enhance security across telecom networks and systems.
Lead Business Analyst in the IAM Intake & Enablement team within Global Security. Driving IAM initiatives and enhancing access management at RBC.