AWS Security Analyst (Contract, 3 to 6 Months)

Robert Half • United States
Remote
This job is no longer active and is no longer accepting applications.
Job Description


Location: Fully Remote (Preference for EST or CST core hours)

Hours: Core collaboration window is 9 AM to 3 PM EST

Company: SaaS organization with global engineering teams

Overview

The client is seeking a hands-on AWS Security Analyst who can lead SOC 2 Type II readiness, implementation, and audit activities across a cloud-native SaaS environment. This role is ideal for someone who can bridge the gap between textbook knowledge and practical application, working directly with engineering, cloud operations, and auditors to execute on multiple SOC 2 programs already in progress.


Key Responsibilities

  • Lead SOC 2 Type II readiness, implementation, and ongoing audit activities across multiple workstreams.
  • Partner directly with auditors, engineering teams, and cloud operations to implement controls and close gaps.
  • Apply the NIST Cybersecurity Framework and cloud control frameworks to strengthen security posture.
  • Work with AWS-based SaaS infrastructure to validate compliance, troubleshoot issues, and confirm control effectiveness.
  • Perform hands-on application security activities, including scanning, basic penetration testing, understanding OWASP Top 10 impacts, and validating remediation.
  • Reproduce security issues reported in scans or audits and collaborate with developers to resolve them.
  • Create proof-of-concept solutions where needed to validate security approaches.
  • Operate within an agile environment and actively participate in security workstreams across global teams.
  • Use compliance and productivity tools including Vanta, Jira, Confluence, Slack, and Teams.


Immediate Project Work

  • Support three SOC 2 initiatives running concurrently.
  • Two in progress during the first three months.
  • One extending through June.
  • Assist a small and resource-limited security program by defining what is truly needed for long-term security maturity.


Required Experience

  • Proven experience implementing SOC 2 Type II for SaaS companies using AWS.
  • Strong understanding of the NIST Cybersecurity Framework and cloud-based control frameworks.
  • Hands-on AWS security experience in a production environment.
  • Ability to apply security concepts in real scenarios, not only at a conceptual or academic level.
  • Experience with application security: vulnerability scanning, basic pen testing, fast scanning tools, and interpreting OWASP Top 10 risks.
  • Strong technical troubleshooting skills and the ability to reproduce complex issues.
  • Experience working with engineering and cloud operations teams in a collaborative, remote environment.


Preferred Certifications

  • AWS Security Specialty
  • CISSP


Work Environment

  • Fully remote company with teams across the United States, Mexico, Europe, Ukraine, Portugal, and Israel.
  • Preference for candidates in EST or CST due to collaboration needs.
  • Flexible scheduling, with expected overlap during 9 AM to 3 PM EST.
  • Highly collaborative environment using agile methods.

