AWS Cloud Security Consultant

AWS Cloud Security Consultant – Financial Services (Contract)

• Employer: Leading IT Consultancy (Client: Major Financial Services Organisation)
• Rate: £500-£550/day Inside IR35 (via Umbrella)
• Duration: 3–6 months (likely extension)
• Location: Remote (UK-based candidates only)
• Start: Immediate
• Interview Process: 2 stages

A leading IT consultancy is working with a major financial services client to secure and scale critical AWS platforms. We’re looking for a hands-on AWS Cloud Security Consultant to embed with engineering teams and drive practical, code-first cloud security in a regulated environment.

This is a delivery-focused role for someone who can assess, build, test, and automate - not just advise.

AWS Cloud Security Consultant Role Overview:

You will work directly with product and platform teams to analyse architectures, model attack paths, and implement security controls through code and automation. You’ll help teams meet regulatory expectations while still shipping at speed.

On any given week, you may threat model a new service, assess CI/CD pipelines, build security tooling, or run hands-on cloud security testing to validate controls.

🛠 What You’ll Be Doing

Threat Modelling & Architecture Reviews

• Break down AWS-backed services, map trust boundaries, build attack trees, and define security requirements early in delivery.

Security Automation

• Build IaC-driven controls, custom Lambda/Step Functions, CI/CD policy gates, and CSPM rules to enforce secure defaults at scale.

Hands-on Testing & Hardening

• Perform cloud-native testing (IAM privilege escalation paths, container/workload attacks, misconfiguration exploitation) and guide remediation via pull requests.

DevSecOps Enablement

• Pair with engineers, review Terraform/CloudFormation/Kubernetes, and promote least privilege, logging, monitoring, and runtime protection.

Knowledge Sharing

• Create reusable security patterns and provide practical guidance to uplift engineering teams.

AWS Cloud Security Consultant Must Haves:

• Strong hands-on experience with AWS security and cloud architecture
• Proven threat modelling capability (STRIDE, attack trees, or similar)
• Strong coding skills in Python, Go, Rust, or similar
• Infrastructure as Code: Terraform, CDK, CloudFormation, Pulumi, Crossplane
• CI/CD security automation (GitHub Actions, GitLab CI, Jenkins, etc.)
• Experience working in regulated or high-assurance environments

⭐ Nice-to-Haves

• AWS Security Specialty, SANS, or OSCP (nice, not required)
• Multi-cloud or hybrid security experience
• Container security and supply-chain / SBOM tooling
• Applied cryptography patterns (KMS, envelope encryption, etc.)
• Incident response or red/blue/purple team experience
• Open-source or AWS community contributions

📌 Contract Details

• Inside IR35 via Umbrella
• 3–6 month initial contract with potential extension
• Fully remote (UK only)
• Immediate start
• 2-stage interview process

If this role is of interest, please apply now.