AWS-focused security engineer responsible for remediating vulnerabilities in cloud applications. Collaborating with developers and data engineers to implement secure fixes.
Responsibilities
Own end-to-end remediation of AWS and workload vulnerabilities: confirm findings, assess impact, prioritise actions, and track through to closure.
Partner with Developers and Data Engineers to implement secure fixes in code, infrastructure, and delivery pipelines (IaC, containers, serverless, OS/packages).
Work with the AWS Security Lead to ensure remediation aligns with AWS security controls, internal risk policies, and compliance requirements.
Encryption in transit and at rest using KMS, TLS, and secrets management
Logging and monitoring: CloudTrail, CloudWatch, Config, centralised SIEM patterns
Threat detection and posture management using AWS native services
Strong understanding of modern SDLC, CI/CD, and DevSecOps approaches.
Proven experience managing the full vulnerability lifecycle: triage, prioritisation (CVSS/EPSS/KEV), remediation, verification, and reporting.
Comfortable remediating a wide range of findings: OS/package CVEs, container images, third-party libraries, serverless runtimes, and cloud misconfigurations.
Able to translate security findings into clear, practical tasks for engineering teams and coach on secure implementation.
Infrastructure as Code: Terraform and/or CloudFormation; able to review and fix security weaknesses in IaC.
Scripting/automation skills in Python, Bash, or similar to streamline remediation and control validation.
Familiarity with container and serverless security (ECR, ECS/EKS, Lambda, image scanning, runtime hardening).
Experience with common vulnerability and scanning tools (e.g., AWS Inspector/Security Hub, Snyk, Trivy, Dependabot, Prisma/Qualys/Tenable).
Security certifications such as AWS Security Specialty, AWS Solutions Architect, or equivalent.
Experience supporting data platforms on AWS (Glue, EMR, Redshift, Athena, RDS, OpenSearch, Kafka/MSK).
Knowledge of secure coding practices in Python/Node/Java or your core development stack.
Highly collaborative and pragmatic; you enjoy working directly with engineers to ship secure fixes quickly.
Strong risk judgement and the ability to balance urgency with operational impact.
Clear communicator who can write concise remediation guidance and present progress to stakeholders.
Ownership mindset: you drive remediation through to completion, not just identification.