AWS Certified Security Architect — SocBridge Careers
← All Open Roles
Contractor

AWS Certified Security Architect

Design and implement cloud security controls that help startups pass their SOC 2 audit.

Engineering Remote

Our clients are typically Series A and Seed-stage SaaS companies running on AWS who need to achieve SOC 2 Type 1 or Type 2 within a defined window. As our AWS Security Architect contractor, you'll assess their current cloud posture, identify gaps against SOC 2 Trust Services Criteria (particularly CC6, CC7, and A1), and implement the controls needed to close those gaps. This includes IAM policy reviews, CloudTrail and GuardDuty configuration, encryption at rest and in transit, network segmentation, and logging and monitoring pipelines. You'll produce clear documentation and evidence artifacts that both the client and their auditor can rely on. Engagements are per-client and scoped upfront — you'll typically work with 2–4 clients simultaneously depending on scope and availability.

What You'll Do

  • Assess AWS environments against SOC 2 Trust Services Criteria (Security, Availability, Confidentiality)
  • Implement and configure IAM policies, SCPs, CloudTrail, GuardDuty, Config Rules, and Security Hub
  • Establish encryption standards (KMS, TLS) across storage, databases, and data-in-transit
  • Design and document network segmentation, VPC architecture, and access controls
  • Produce audit-ready evidence artifacts: screenshots, configuration exports, policy documents
  • Work directly with client engineering teams to explain changes and transfer knowledge
  • Flag risks and remediation priorities clearly in written reports

What We're Looking For

  • Active AWS Certified Security — Specialty certification (required)
  • 3+ years of hands-on AWS security architecture experience
  • Deep familiarity with SOC 2 Trust Services Criteria and common audit evidence requirements
  • Proficiency with IAM, CloudTrail, GuardDuty, Config, Security Hub, KMS, VPC, and S3 security controls
  • Strong written communication — you can document controls in plain English for non-technical stakeholders
  • Experience working with early-stage startups or in a consulting/advisory capacity preferred
  • Able to operate independently with minimal oversight

Compensation

Competitive hourly contractor rate. Rate commensurate with experience and AWS certification level. Engagements are scoped per client with clearly defined deliverables.

Apply for This Role

Fill in the form below and we'll be in touch.