We are seeking an experienced AWS Cloud Security & Monitoring Consultant (individual or small specialist firm) to support a regulated cloud environment.
This is a short-term, full-time engagement (4–6 weeks, 8 hours/day) focused on designing, implementing, tuning, and documenting AWS security monitoring and audit capabilities, particularly for containerized workloads.
This is not a staff-augmentation role. We are looking for hands-on consultants/vendors who can deliver independently with minimal handholding in a compliance-heavy environment.
Engagement Details
Duration: 4–6 weeks
Time Commitment: 8 hours/day (full-time)
Location: Remote
Start: Immediate
Environment: Regulated AWS environment
Scope of Work
Monitoring & Observability
ECS service monitoring (health, performance, logs)
CloudWatch metrics, alarms, dashboards, and centralized log management
Alerting, escalation paths, and operational visibility aligned to enterprise security operations
AWS Security Services
GuardDuty: enablement, tuning, and alert workflows
Inspector: vulnerability scanning for ECS/container images with remediation tracking
Security Hub: aggregation, standards configuration, and findings management
Audit & Logging
CloudTrail: organization-level trails, log integrity controls, retention policies, and sensitive API alerting
Centralized log analysis using OpenSearch or SIEM
Evidence generation to support audit and compliance readiness
Key Deliverables
Security & monitoring architecture documentation
Alerting, escalation, and incident response runbooks
Sample audit evidence (logs, screenshots, reports)
Structured knowledge transfer at the end of the engagement
Required Experience
Strong hands-on experience with:
AWS ECS
GuardDuty, Inspector, Security Hub
CloudTrail, CloudWatch
OpenSearch or SIEM integrations
Experience working in regulated or compliance-heavy environments
Strong documentation and process-oriented mindset
Ability to work independently and deliver within tight timelines
Nice to Have
Prior experience supporting government, defense, or highly regulated workloads
Familiarity with compliance frameworks (e.g., NIST-style controls, continuous monitoring)
Experience implementing security automation and alert workflows
To Apply, Please Include
Brief summary of relevant AWS security and monitoring experience
Examples of similar work in regulated or enterprise environments
Proposed engagement model (fixed price or weekly rate)
Availability to start immediately
Any assumptions or dependencies
Important Notes
Access to sensitive environments may be restricted; experience working with limited-access or proxy delivery models is a plus.
Clear communication, strong documentation, and audit-ready deliverables are critical for success in this engagement.