Systems Security Engineering

We are open to hiring candidates to work out of one of the following locations:Seattle, WA, USAThe Enterprise Protection Program (EPP) is seeking a Senior Security Engineer who can hunt through data from internal and external sources to identify, investigate, and mitigate insider threats to Amazon.You will lead investigations into active insider threats to Amazon on a daily basis. We are looking for someone who is a fan of "diving deep"; someone who enjoys building queries and processing data to identify and pursue security issues.You will also work with team members and partners within our legal, engineering, analytics, and prevention teams to develop proactive insider threat solutions. You will be effective both working independently and cooperatively across partner teams and able to contribute and deliver results.This position involves on-call responsibilities, typically for one week every two months.This is a senior role where you will be expected to drive the process and tool development needed to reduce the insider threat risk to Amazon.Key job responsibilitiesLead deep dive analysis of internal and external datasets to identify trends, anomalies, and activities indicative of insider threats.Collaborate with legal, engineering, analytics, and prevention teams to build and develop solutions and tools that identify and mitigate risk. Translate use cases into technical requirements.Create quantitative feedback mechanisms to drive automation and optimization of analytics and tools.Communicate and collaborate with partner teams and the security community across Amazon.Coach junior analyst/investigators to improve their skills and effectiveness.A day in the lifeYou will work on high impact cases and projects that seek to reduce the insider threat risk to Amazon. You will meet frequently with internal security customers, partners, and engineering teams. You will collaborate with numerous Amazon and AWS service teams. You will lead the development of tools and processes which seek to simplify and scale insider threat best practices. This is a senior role where you focus not only on how to achieve effective insider threat risk reductions, but also help define the processes and tools which are needed through a deep understanding of the overall landscape and challenges.About the teamDiverse ExperiencesAmazon Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.Why Amazon Security?At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon’s products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical storesInclusive Team CultureIn Amazon Security, it’s in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.Training & Career GrowthWe’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.Work/Life BalanceWe value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why flexible work hours and arrangements are part of our culture. When we feel supported in the workplace and at home, there’s nothing we can’t achieve.- 5+ years of experience using internal and external datasets to analyze and identify trends, anomalies, and activities indicative of advanced threats.- 5+ years of computer security fundamentals experience.- BS degree in Computer Science, Information Systems (IS), Computer Engineering, or 5+ years equivalent technology experience without a degree.- Computer security certifications (e.g. SANS) or organization-specific training relevant to computer security.- Demonstrated proficiency with creating SQL and Splunk queries.- Extensive experience leading insider threat investigations or teams.- In-depth understanding of web, security, and networking protocols.- Extensive experience collaborating with diverse internal and external partner teams throughout an investigation or issue.Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status.Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit for more information. If the country/region you’re applying in isn’t listed, please contact your Recruiting Partner.Our compensation reflects the cost of labor across several US geographic markets. The base pay for this position ranges from $143,300/year in our lowest geographic market up to $247,600/year in our highest geographic market. Pay is based on a number of factors including market location and may vary depending on job-related knowledge, skills, and experience. Amazon is a total compensation company. Dependent on the position offered, equity, sign-on payments, and other forms of compensation may be provided as part of a total compensation package, in addition to a full range of medical, financial, and/or other benefits. For more information, please visit This position will remain posted until filled. Applicants should apply via our internal or external career site.

Do you want to work on planetary scale incident response solutions in the cloud? Are you skilled at performing Incident Response activities and helping customers build threat detection and incident response capabilities using highly scalable computing architectures? Are you excited to help customers respond to security incidents and automate security operations giving them unprecedented capability and agility? Do you enjoy working on fast-paced complex projects focused on game changing business outcomes for customers globally? As a member of the Threat Detection and Incident Response Practice in the AWS Global Service Security you will have the opportunity to help customers respond to security incidents and pioneer technically superb security solutions to help customer operate securely in the cloud. Building on those experiences you’ll collaborate with AWS service teams on new features, innovate with new technologies, and explore new challenges.The Global Services Security team, a part of Amazon Web Services (AWS), leverages the expertise and ingenuity of our builders to establish scalable security solutions for both internal and external customers that drive business outcomes. Our goal of securing the world’s workloads and building a brighter future for humanity requires us to focus on reliable delivery of bar raising security outcomes and investment in security mechanisms and automation on behalf of our customersSales, Marketing and Global Services (SMGS)AWS Sales, Marketing, and Global Services (SMGS) is responsible for driving revenue, adoption, and growth from the largest and fastest growing small- and mid-market accounts to enterprise-level customers including public sector. The AWS Global Support team interacts with leading companies and believes that world-class support is critical to customer success. AWS Support also partners with a global list of customers that are building mission-critical applications on top of AWS services.Key job responsibilities• Perform and oversee incident response operations• Become a deep technical resource that earns the trust of customer stakeholders before, during, and after a security event.• Independently contribute to teams that include Amazonians, partners, and customers to build and deploy threat detection and incident response capabilities.• Design, build, and deploy solutions to automate security operations and incident response on AWS.• Independently contribute to internal builder projects to develop new consulting engagement models and capabilities for customers.• Develop high-quality content, such as automation tools, reference architectures, and white papers to help our consultants, partners, and customers build on the work that we deliver.• Innovate on behalf of customers by translating your thoughts into action-yielding results.• Mentor and invest in our consultants, partners, and customers to raise the bar for our customers.• On-call required.A day in the lifeDiverse Experiences Amazon values diverse experiences. Even if you do not meet all of the preferred qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying. Why AWS Amazon Web Services (AWS) is the world’s most comprehensive and broadly adopted cloud platform. We pioneered cloud computing and never stopped innovating — that’s why customers from the most successful startups to Global 500 companies trust our robust suite of products and services to power their businesses.Work/Life Balance We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why flexible work hours and arrangements are part of our culture. When we feel supported in the workplace and at home, there’s nothing we can’t achieve in the cloud. Inclusive Team Culture Here at AWS, it’s in our nature to learn and be curious. Our employee-led affinity groups foster a culture of inclusion that empower us to be proud of our differences. Ongoing events and learning experiences, including our Conversations on Race and Ethnicity (CORE) and AmazeCon (gender diversity) conferences, inspire us to never stop embracing our uniqueness.Mentorship and Career GrowthWe’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, mentorship and other career-advancing resources here to help you develop into a better-rounded professional. - - Experience performing incident response activities- - 1+ years of experience building/operating on the AWS platform- - 3+ years of experience in technical IT security or related job role- - 2+ years of threat detection or incident response experience- - Hands-on technical experience in incident response technology, security, automation, implementation, integration, and/or deployment.- Hands-on technical experience in building scripts, tools, or methodologies that enhance customers’ threat detection and incident response capabilities.- Strong scripting skills in modern scripting languages like PowerShell, Python, Node.js, Javascript, Bash, Ruby, or SQL.- Experience communicating complex technical matters clearly and concisely orally and in writing.- Experience managing customers during a security event, including managing customer expectations and delivering results.- Detailed knowledge of incident response workflows and processesAmazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status.Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit for more information. If the country/region you’re applying in isn’t listed, please contact your Recruiting Partner.

Join AWS Security as a Security Engineer and be at the forefront of safeguarding cloud computing for millions of customers worldwide! In this role, you'll have the unique opportunity to work on the foundational services that form the backbone of AWS, directly influencing the security of the entire cloud infrastructure. If you enjoy seeing the impact your work has on real customers, this is the place for you! As a Senior Security Engineer in our team, you will lead the efforts to secure some of the foundational AWS services. In this role, you will help validate that our services, applications, and websites are designed and implemented to the highest security standards. You will be responsible for analyzing the security of applications and services, discovering and addressing security issues, building security automation, and quickly reacting to new threat scenarios. You will have the opportunity to learn from, and be mentored by, those who are building and securing our cutting-edge services. This role will own and contribute to the security strategy for some of the core components on which various AWS services are built and scaled on. A Security Engineer at Amazon is expected to be strong in multiple domains and provide significant contributions to the AWS IT Security team and to multiple groups throughout Amazon. Security engineers are expected to develop elegant solutions to complex business problems and apply appropriate technologies while following security engineering best practices. You are also expected to mentor more junior engineers and be a security thought leader for the organization.A Security Engineer must foster constructive dialogue and seek resolution when confronted with discordant views. Engineers in this role are expected to participate fully in the planning of the AWS IT Security team's work and constantly seek opportunities for process improvement. They should also have a deep understanding of at least one specialty for which they are a sought out resource (both within AWS IT Security and by groups throughout Amazon), while having an understanding of the application of Information Security in a broad range of technical areas.You will have the combination of troubleshooting, technical, and communication skills, as well as the ability to handle a mix of disparate tasks which may include project and software development work. This role will provide career growth opportunities as you gain new security skills in the course of your duties. Are you ready to leave your imprint on the world of cloud security and push the boundaries of cutting-edge technologies? We're eager to connect with you! Come be a part of our team as we forge the future of security at AWS.Key job responsibilities- Application security reviews- Mobile security reviews- Secure architecture design- Threat modeling- Projects and research work as needed- Security training and outreach to internal development teams- Security guidance documentation- Security tool development- Security metrics delivery and improvements- Assistance with recruiting activities and administrative workAbout the teamAbout Amazon SecurityDiverse ExperiencesAmazon Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.Why Amazon Security?At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon’s products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.Inclusive Team CultureIn Amazon Security, it’s in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.Training & Career GrowthWe’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.Work/Life BalanceWe value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why flexible work hours and arrangements are part of our culture. When we feel supported in the workplace and at home, there’s nothing we can’t achieve.- BS (or higher) in Computer Science, Cyber Security or related field, or equivalent work experience.- Minimum 5 years of experience in product/application security with hands-on knowledge of threat modelling, secure design reviews, code reviews and penetration testing.- Minimum 5 years of experience securing services in cloud.- Experience with creating and securing applications using AWS services.- Ability to develop code with at least one modern language, such as Python- An understanding of network and web related protocols (such as, TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols)Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status.Los Angeles County applicants: Job duties for this position include: work safely and cooperatively with other employees, supervisors, and staff; adhere to standards of excellence despite stressful conditions; communicate effectively and respectfully with employees, supervisors, and staff to ensure exceptional customer service; and follow all federal, state, and local laws and Company policies. Criminal history may have a direct, adverse, and negative relationship with some of the material job duties of this position. These include the duties and responsibilities listed above, as well as the abilities to adhere to company policies, exercise sound judgment, effectively manage stress and work safely and respectfully with others, exhibit trustworthiness and professionalism, and safeguard business operations and the Company’s reputation. Pursuant to the Los Angeles County Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit for more information. If the country/region you’re applying in isn’t listed, please contact your Recruiting Partner.Our compensation reflects the cost of labor across several US geographic markets. The base pay for this position ranges from $143,300/year in our lowest geographic market up to $247,600/year in our highest geographic market. Pay is based on a number of factors including market location and may vary depending on job-related knowledge, skills, and experience. Amazon is a total compensation company. Dependent on the position offered, equity, sign-on payments, and other forms of compensation may be provided as part of a total compensation package, in addition to a full range of medical, financial, and/or other benefits. For more information, please visit This position will remain posted until filled. Applicants should apply via our internal or external career site.

Amazon Payments processes millions of transactions every day across numerous countries and payment methods. Over 100 million customers and merchants send tens of billions of dollars through our systems annually. We are re-inventing the vision of our platform to provide our internal and external clients the best payment gateway service, benchmarked against the top external alternatives. Paramount to our success is ensuring that customer data is secure across Amazon Payments products and services. At the Payments Proactive Security Team, we are influencing the internal Payments ecosystem to pursue best security practices as well as driving the improvement of product security at scale by leveraging the automated solution and feedback loop mechanism established internally.A Security Engineer in Amazon will be strong in multiple security domains and sought out for advice on technical issues. Efficient time management skills are required along with the ability to deliver results in the face of uncertainty. Engineers in this role must show exemplary judgment in making technical trade-offs between short versus long term security and business goals. They must also demonstrate resilience and navigate difficult situations with composure and tact. The successful candidate must be one that can handle several difficult challenges and problems, can make risk-based assessments founded on data and facts. Additionally, the successful candidate will be: - Methodically empirical and experimental in approach and evaluation without being bound by over paralysis-by-analysis;- Work ceaselessly to improve knowledge of the security field, threat landscape, security intelligence, moving proactively toward prevention and detection of threats;- Be an enthusiastic learner and curiosity seeker, focusing on what can be done rather than hindered by notions of what cannot be;- Possess effective verbal and written communication skills, be passionate about sharing knowledge, tactics, strategy, as well as advocating for the project mission;- Have excellent time management skills along with the ability to deliver results in the face of uncertainty; and- Evangelize security within Amazon.com and be an advocate for customer trust.A successful candidate will be a deeply curious individual who brings technical expertise, and ability to work within a fast-paced startup culture in a large company that has broad business impact. This is a unique opportunity to start with Amazon Payments and innovating and scaling security to protect customer trust.Key job responsibilities- Work closely with service teams to identify threats and vulnerabilities throughout Software Development Life Cycle and provide guidance on mitigating the issues. - Identify and prioritize security problems that can be detected using automation.- Develop detection prototypes for these security problems to enhance our tool-set for static and dynamic analysis.- Work with builders and service teams to address detected security problems in an appropriate and timely fashion.- Identify opportunities to prevent security problems at scale.- Develop prototypes to prevent these security problems.- Document and provide security guidance that will be used across Amazon Payments. - Deliver metrics to show effectiveness of our security initiatives.About the teamThe Amazon Payments Core Security team's mission is to build mechanisms that help prevent security issues from affecting Amazon's Payment Applications. A security engineer in Payments Core Security team will work closely with application developers, evangelize security and build scalable vulnerability detection mechanisms that help secure our most critical applications. Diverse ExperiencesAmazon Security values diverse experiences. Even if you do not meet all of the preferred qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying. Why Amazon Security At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon’s products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.Work/Life Balance We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why we strive for flexibility as part of our working culture. When we feel supported in the workplace and at home, there’s nothing we can’t achieve. Inclusive Team Culture In Amazon Security, it’s in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.Training and Career growthWe’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional. - Bachelor's degree in computer science or equivalent- 3+ years of programming in Python, Ruby, Go, Swift, Java, .Net, C++ or similar object oriented language experience- 3+ years experience with security analysis on cloud services, especially server-less and authentication services.- 2 + years experience using data analysis tools and technologies, such as SQL, Jupyter, R, Python.- 3+ years experience with active attacks / live scenarios / applied computer security.- 3+ years of any combination of the following: threat modeling experience, secure coding, identity management and authentication, software development, cryptography, system administration and network security experience- 3+ years with cloud technologies (AWS preferred, Azure, Google Cloud, etc).- Masters degree in mathematics, computer science, or related engineering disciplines.- Familiarity with host and network log analysis.- Standing relationships with global associations relevant to the position.- Knowledge and experience with hunting utilizing TTPs (Tactics, Techniques and Procedures).- Experience with security architecture, system architecture, threat modeling, incident handling/response, reverse engineering, malware analysis, adversary methodologies, and/or threat intelligence.- Possess a strong understanding of common enterprise technologies. Extensive knowledge of computing security issues and threat vectors.Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status.Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit for more information. If the country/region you’re applying in isn’t listed, please contact your Recruiting Partner.Our compensation reflects the cost of labor across several US geographic markets. The base pay for this position ranges from $136,000/year in our lowest geographic market up to $212,800/year in our highest geographic market. Pay is based on a number of factors including market location and may vary depending on job-related knowledge, skills, and experience. Amazon is a total compensation company. Dependent on the position offered, equity, sign-on payments, and other forms of compensation may be provided as part of a total compensation package, in addition to a full range of medical, financial, and/or other benefits. For more information, please visit This position will remain posted until filled. Applicants should apply via our internal or external career site.

Do you want to work on planetary scale incident response solutions in the cloud? Are you skilled at performing threat research and helping disseminate actionable intelligence to customers? Are you excited to help incident response teams by giving them unprecedented capability and agility? As a member of the Customer Incident Response Team (CIRT in the AWS Global Services Security organization, you will have the opportunity to apply your problem-solving and intelligence analysis skills to help customers respond to security incidents and increase the efficiency and productivity of AWS internal service teams. You will combine contextual knowledge with your analytical skills to gather information and monitor, assess, and report on risks that could affect external AWS customers. You'll also collaborate with internal AWS service teams to help develop new features, innovate with cutting-edge technologies, and explore new challenges...The Global Services Security team, a part of Amazon Web Services (AWS), leverages the expertise and ingenuity of our builders to establish scalable security solutions for both internal and external customers that drive business outcomes. Our goal of securing the world’s workloads and building a brighter future for humanity requires us to focus on reliable delivery of bar raising security outcomes and investment in security mechanisms and automation on behalf of our customersAWS Sales, Marketing, and Global Services (SMGS) is responsible for driving revenue, adoption, and growth from the largest and fastest growing small- and mid-market accounts to enterprise-level customers including public sector. The AWS Global Support team interacts with leading companies and believes that world-class support is critical to customer success. Key job responsibilities* Monitor networks, systems, and applications for security threats and anomalies * Analyze large datasets, logs, packet captures, and other data to detect patterns indicative of cyber threats* Research and analyze information from open source intelligence, social media, dark web forums, etc. to identify emerging cyber threats* Write comprehensive cyber threat reports and briefings to communicate threats, risks, and mitigation strategies to key stakeholders* Maintain up-to-date knowledge and understanding of threat actor groups, new attack techniques, malware variants, and other cybersecurity trends* Enrich threat data with additional context and insights to improve detection and response capabilities * Collaborate with security engineers to develop indicators of compromise and threat intelligence to enhance security monitoring capabilities* Collaborate with security engineers to develop indicators of compromise and threat intelligence to enhance security monitoring capabilities - Make recommendations for improving organizational security measures and policies based on current threat intelligence -* Automate the collection and processing of threat intelligence from multiple sources to enable real-time detection and analysis.* Make recommendations for improving organizational security measures and policies based on current threat intelligence* Automate the collection and processing of threat intelligence from multiple sources to enable real-time detection and analysis* Present cyber threat briefings to executives and technology leaders to convey cyber risks and influence strategic security decisions* Establish relationships with industry peers, law enforcement, government agencies and other partners to share cyber threat intelligence * Establish relationships with industry peers, law enforcement, government agencies and other partners to share cyber threat intelligence About the teamDiverse ExperiencesAWS values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying. About AWSAmazon Web Services (AWS) is the world’s most comprehensive and broadly adopted cloud platform. We pioneered cloud computing and never stopped innovating — that’s why customers from the most successful startups to Global 500 companies trust our robust suite of products and services to power their businesses.Inclusive Team CultureHere at AWS, it’s in our nature to learn and be curious. Our employee-led affinity groups foster a culture of inclusion that empower us to be proud of our differences. Ongoing events and learning experiences, including our Conversations on Race and Ethnicity (CORE) and AmazeCon (gender diversity) conferences, inspire us to never stop embracing our uniqueness.Work/Life BalanceWe value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why flexible work hours and arrangements are part of our culture. When we feel supported in the workplace and at home, there’s nothing we can’t achieve in the cloud. Mentorship & Career GrowthWe’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, mentorship and other career-advancing resources here to help you develop into a better-rounded professional. Hybrid WorkWe value innovation and recognize this sometimes requires uninterrupted time to focus on a build. We also value in-person collaboration and time spent face-to-face. Our team affords engineers options to work in the office every day or in a flexible, hybrid work model near one of our US Amazon offices. Our hybrid models allow you the freedom to work from home whenever in-office collaboration isn’t necessary.- 1+ years of experience building/operating on the AWS platform- 2+ years of experience in technical IT security or related job role- 2+ years of experience performing threat analysis- Experience scripting with Python, Perl, Bash or PowerShell- Hands-on technical experience in building scripts, tools, or methodologies that enhance customers’ threat detection and incident response capabilities.- Experience in operating security solutions, such as WAF, IPS, Anti-DDoS, or SIEM.- Experience managing a security event, including managing customer expectations and delivering results.- Knowledge of incident response workflows and processes.- GIAC Cyber Threat Intelligence (GCTI)Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status.Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit for more information. If the country/region you’re applying in isn’t listed, please contact your Recruiting Partner.

The Amazon Security Enterprise Protection team builds tools and services for the monitoring and response to malicious activity on the Amazon internal network. We collect, process, and analyze data from all parts of Amazon's worldwide infrastructure to identify and reduce risks to Amazon.We are looking for a Security Engineer who is excited about designing and building secure solutions to solve challenging problems for mission critical systems that protect Amazon and our customer data. In Amazon Security, our challenges are broad and deep -- we build flexible, secure, scalable, high-performance and robust tools and services.
As a Security Engineer, you will collaborate to ensure we keep our customers safe while developing these novel tools and services. In a given day, you might be inspecting an application’s code for security issues, fine-tuning the design for a new tool alongside its developers, or designing and developing a new tool or service.The ideal candidate combines technical acumen with an ability to lead by influence and communicate clearly. They should be comfortable with a high degree of ambiguity and relish the idea of solving problems that haven't been solved at scale before. In their communication, they will clearly articulate risks to technical and non-technical audiences alike. Interpersonally, successful candidates will effectively harmonize disparate opinions while effectively prioritizing risks to guide their partners towards secure solutions.
Our organization prizes its employees, and we show it through investing in work-life harmony. We have dedicated resources that consistently innovate in reducing on-call time and ensuring the team spend their time on the highest-value tasks. Join the Amazon Security organization to work hard, have fun, and make history!Key job responsibilitiesThis role will allow you to work with internal service teams, IT services teams, Risk Assessment and Security Response teams to build detections and analytics that find and reduce insider risk.You will bring deep security knowledge and experience to builder teams to help them build better controls and audit capabilities, while developing detections and response plans that inform the right people when anomalies occur.As a security engineer on the team you will work and lead the most complex and ambiguous projects. However you also be paying attention to the team's work as well as your own.You will contribute to think big ideas about how we radically change how we approach this problem space, help drive feedback and prioritization models. You'll lead calibration and review exercises across teams to ensure a consistent approach to detections is being taken. A day in the lifeNo two days are the same in Insider Risk teams - the nature of the work we do and constantly shifting threat landscape means sometimes you'll be working with an internal service team to find anomalous use of their data, other days you'll be working with IT teams to build improved controls. Some days you'll be busy writing detections and response plans, or mentoring or running design review meetings.About the teamAbout AmSec:Diverse ExperiencesAmazon Security values diverse experiences. Even if you do not meet all of the preferred qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.Why Amazon SecurityAt Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon’s products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.Work/Life BalanceWe value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why flexible work hours and arrangements are part of our culture. When we feel supported in the workplace and at home, there’s nothing we can’t achieve.Inclusive Team CultureIn Amazon Security, it’s in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.Training and Career growthWe’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.- Bachelor's degree in computer science or equivalent- 3+ years of any combination of the following: threat modeling experience, secure coding, identity management and authentication, software development, cryptography, system administration and network security experience- Common knowledge and understanding of security engineering, system and network security, authentication and security protocols, cryptography, or application security. Experience reading and writing in at least one programming language.- 3+ years of experience with at least two of the following: threat modeling experience, secure coding, identity management and authentication, software development, cryptography, penetration testing, cloud security, mobile security, and network security You demonstrate excellent judgement in assessing and prioritizing technical risk, have a strong application security background with a focus on scalable solutions, have experience building and securing complex AWS architecture You have excellent written and verbal communication skills, work to identify and remove bottlenecks for your teammates, both in process and technology.Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit compensation reflects the cost of labor across several US geographic markets. The base pay for this position ranges from $136,000/year in our lowest geographic market up to $212,800/year in our highest geographic market. Pay is based on a number of factors including market location and may vary depending on job-related knowledge, skills, and experience. Amazon is a total compensation company. Dependent on the position offered, equity, sign-on payments, and other forms of compensation may be provided as part of a total compensation package, in addition to a full range of medical, financial, and/or other benefits. For more information, please visit This position will remain posted until filled. Applicants should apply via our internal or external career site.

AWS Security is on the cutting edge of many security issues for a wide variety of platforms and technologies including cloud services, Internet of things (IoT), identity and access management, mobile devices, virtualization and custom hardware, all operating at massive scale. Similarly, our highly collaborative team is committed to each team member’s growth as our business grows.AWS Security is looking for an Application Security Engineer to help validate that our services, applications, and websites are designed and implemented to the highest security standards. You will be responsible for analyzing the security of applications and services, discovering and addressing security issues, building security automation, and quickly reacting to new threat scenarios. You will have the opportunity to learn from, and be mentored by, those who are building and securing our cutting-edge services.An Application Security Engineer at Amazon is expected to be strong in multiple domains and provide significant contributions to the AWS IT Security team and to multiple groups throughout Amazon. Security engineers are expected to develop elegant solutions to complex business problems and apply appropriate technologies while following security engineering best practices. You are also expected to mentor more junior engineers and be a security thought leader for the organization. An Application Security Engineer must foster constructive dialogue and seek resolution when confronted with discordant views. Engineers in this role are expected to participate fully in the planning of the AWS Security team's work and constantly seek opportunities for process improvement. They should also have a deep understanding of at least one specialty for which they are a sought out resource (both within AWS Security and by groups throughout Amazon), while having an understanding of the application of Information Security in a broad range of technical areas.Key job responsibilities- Application security reviews (includes architecture reviews, threat modeling, code reviews and security testing)- Mobile security reviews- Projects and research work as needed- Security training and outreach to internal development teams- Security guidance and documentation- Security workflow automation- Security metrics delivery and process improvements- Assistance with recruiting activities and administrative workAbout the teamDiverse ExperiencesAmazon Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.Why Amazon Security?At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon’s products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.Inclusive Team CultureIn Amazon Security, it’s in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.Training & Career GrowthWe’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.Work/Life BalanceWe value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why flexible work hours and arrangements are part of our culture. When we feel supported in the workplace and at home, there’s nothing we can’t achieve.- BS in Computer Science or related field, or equivalent work experience.- Minimum of 4 years of experience with security engineering (architecture reviews, threat modeling, secure coding etc.), system and network security, authentication and security protocols, cryptography or application security.- Familiarity with common attack patterns and exploitation techniques for web & mobile applications and IoT devices.- Knowledge of commonly found software security vulnerabilities (like OWASP top 10) and remediation techniques.- Knowledge of basic networking and network security related concepts (TCP/UDP, Firewalls/Switches, Wi-Fi security, TLS, etc.)- Strong understanding of network and web related protocols (such as, TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols)- Experience with Security Engineering and Assurance methodologies e.g. fuzzing, static and dynamic code analysis- Experience with IoT/embedded device security (hardware & firmware security)- Demonstrable teamwork skills and resourcefulness- Possess self-drive to keep moving things forward even in the face of ambiguity and imperfect knowledge (avoid “analysis paralysis”)- Ability to drive multiple technically complex security reviews together while remaining effective at providing security guidance to stakeholders.- Strong sense of ownership, urgency, and ability to drive initiatives with high degree of autonomy and excellent written and verbal communication skills.Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status.Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit for more information. If the country/region you’re applying in isn’t listed, please contact your Recruiting Partner.Our compensation reflects the cost of labor across several US geographic markets. The base pay for this position ranges from $136,000/year in our lowest geographic market up to $212,800/year in our highest geographic market. Pay is based on a number of factors including market location and may vary depending on job-related knowledge, skills, and experience. Amazon is a total compensation company. Dependent on the position offered, equity, sign-on payments, and other forms of compensation may be provided as part of a total compensation package, in addition to a full range of medical, financial, and/or other benefits. For more information, please visit This position will remain posted until filled. Applicants should apply via our internal or external career site.

Do you want to work on planetary scale incident response solutions in the cloud? Are you skilled at performing Incident Response activities and helping customers build threat detection and incident response capabilities using highly scalable computing architectures? Are you excited to help customers respond to security incidents and automate security operations giving them unprecedented capability and agility? Do you enjoy working on fast-paced complex projects focused on game changing business outcomes for customers globally? As a member of the Threat Detection and Incident Response Practice in the AWS Global Service Security you will have the opportunity to help customers respond to security incidents and pioneer technically superb security solutions to help customer operate securely in the cloud. Building on those experiences you’ll collaborate with AWS service teams on new features, innovate with new technologies, and explore new challenges.The Global Services Security team, a part of Amazon Web Services (AWS), leverages the expertise and ingenuity of our builders to establish scalable security solutions for both internal and external customers that drive business outcomes. Our goal of securing the world’s workloads and building a brighter future for humanity requires us to focus on reliable delivery of bar raising security outcomes and investment in security mechanisms and automation on behalf of our customersSales, Marketing and Global Services (SMGS)AWS Sales, Marketing, and Global Services (SMGS) is responsible for driving revenue, adoption, and growth from the largest and fastest growing small- and mid-market accounts to enterprise-level customers including public sector. The AWS Global Support team interacts with leading companies and believes that world-class support is critical to customer success. AWS Support also partners with a global list of customers that are building mission-critical applications on top of AWS services.Key job responsibilities• Perform and oversee incident response operations• Become a deep technical resource that earns the trust of customer stakeholders before, during, and after a security event.• Independently contribute to teams that include Amazonians, partners, and customers to build and deploy threat detection and incident response capabilities.• Design, build, and deploy solutions to automate security operations and incident response on AWS.• Independently contribute to internal builder projects to develop new consulting engagement models and capabilities for customers.• Develop high-quality content, such as automation tools, reference architectures, and white papers to help our consultants, partners, and customers build on the work that we deliver.• Innovate on behalf of customers by translating your thoughts into action-yielding results.• Mentor and invest in our consultants, partners, and customers to raise the bar for our customers.• Periodic on-call required.About the teamDiverse ExperiencesAmazon values diverse experiences. Even if you do not meet all of the preferred qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.Why AWSAmazon Web Services (AWS) is the world’s most comprehensive and broadly adopted cloud platform. We pioneered cloud computing and never stopped innovating — that’s why customers from the most successful startups to Global 500 companies trust our robust suite of products and services to power their businesses.Work/Life BalanceWe value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why flexible work hours and arrangements are part of our culture. When we feel supported in the workplace and at home, there’s nothing we can’t achieve in the cloud.Inclusive Team CultureHere at AWS, it’s in our nature to learn and be curious. Our employee-led affinity groups foster a culture of inclusion that empower us to be proud of our differences. Ongoing events and learning experiences, including our Conversations on Race and Ethnicity (CORE) and AmazeCon (gender diversity) conferences, inspire us to never stop embracing our uniqueness.Mentorship and Career GrowthWe’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, mentorship and other career-advancing resources here to help you develop into a better-rounded professional.- Experience performing incident response activities- 1+ years of experience building/operating on the AWS platform- 3+ years of experience in technical IT security or related job role- 2+ years of threat detection or incident response experience- Hands-on experience in incident response technology, security, automation, implementation, integration, and/or deployment.- Hands-on technical expertise in building scripts, tools, or methodologies that enhance customers’ threat detection and incident response capabilities.- Strong scripting skills in modern scripting languages like PowerShell, Python, Node.js, Javascript, Bash, Ruby, or SQL.- Experience communicating complex technical matters clearly and concisely orally and in writing.- Experience managing customers during a security event, including managing customer expectations and delivering results.- Detailed knowledge of incident response workflows and processesAmazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status.Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit for more information. If the country/region you’re applying in isn’t listed, please contact your Recruiting Partner.

Come join our penetration testing team dedicated to the detection and exploitation of vulnerabilities from Amazon’s consumer services and devices to the Kuiper satellites. This includes conducting in-depth reviews of complex service workflows including authentication mechanisms, AI, mobile, web applications, and web service APIs. Pentesters also invent new ways to automate and improve their work with techniques including AI/LLMs, fuzzing, detection at scale, and static analysis.Our team operates under the Amazon Devices and Services Trust & Security (DSTS) organization which was formed in 2014 with the mission of protecting Amazon Devices & Services (D&S) customers’ trust, data, and the systems on which they rely. We protect customers by performing security reviews, offensive testing, vulnerability assessments, and provide guidance for remediations. We drive down costs by building and automating security foundations and integrating them into design and release processes. DSTS builds the foundational capabilities that raise an org-wide security bar across the growing diversity of D&S businesses - securing 100+ device types, 12,000+ services, and 100+ product lines that are developed and operated by more than 16,000+ builders.The DSTS penetration testing organization is growing and seeking an experienced web penetration tester to help shape the future of Amazon’s service security. You will work with builder teams and product owners to perform penetration testing and identify high-impact security vulnerabilities across the web services ecosystem supporting Amazon’s devices. The ideal candidate will be expected to comprehend large complex web service architectures, dive deep into a service's source code, and to get some exposure to device penetration tests. This role will provide you with challenging technical opportunities and will also be a great deal of fun if hacking Amazon sounds exciting to you! In this role, you will be part of a dedicated team of talented penetration testers identifying vulnerabilities in the devices and services ecosystem. You will strive to understand systems, software, and services deeply and develop creative ways to break assumptions in order to find vulnerabilities. You care deeply about keeping millions of customers that rely on Amazon’s consumer products safe and are passionate about mitigating vulnerabilities by providing actionable guidance to product teams. You're well-known for your excellent prioritization skills as well as your ability to communicate at all levels of an organization. If you're passionate about finding security bugs, writing tools to enhance manual testing capabilities, automating repetitive tasks, and enjoy seeing your work impact Amazon consumer devices and services, then this position is for you. Candidates from mid to senior level are encouraged to apply.Key job responsibilities- Contribute to penetration tests against services and software released by Amazon’s Devices & Services organization. This includes working closely with builder teams to find vulnerabilities, develop proof of concept exploits, report findings, and validate patches.- Analyze and identify security vulnerabilities in source code using both automated and manual static analysis tools and techniques.- Review and influence technical solutions to mitigate security vulnerabilities by providing actionable long-term risk mitigation guidance to drive security improvements.- Provides impactful security contributions to large product lines through close collaboration with our partner builder teams.- Develop detailed technical documentation describing identified vulnerabilities, associated impact, and recommended remediation to guide communication with internal engineering stakeholders and leadership.- Continuous growth and development of technical skillsets while contributing to standing projects for program improvement in DSPT.About the teamWhile the majority of our Security team are based in the US, by applying to this position your application will be considered for all locations we hire for in the world, however candidates should expect to accommodate US time for necessary meetings.Our team puts a high value on work-life balance. Striking a healthy balance between your personal and professional life is crucial to your happiness and success here, which is why we aren’t focused on how many hours you spend at work or online. Instead, we’re happy to offer a flexible schedule so you can have a more productive and well-balanced life—both in and outside of work.Our team is dedicated to supporting new members. We have a broad mix of experience levels and tenures, and we’re building an environment that celebrates knowledge sharing and mentorship. We care about career growth and strive to assign projects based on what will help each team member develop into a better-rounded engineer and enable them to take on more complex tasks in the future.Diverse ExperiencesAmazon Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.Why Amazon Security?At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon’s products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.Inclusive Team CultureIn Amazon Security, it’s in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.Training & Career GrowthWe’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.Work/Life BalanceWe value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why flexible work hours and arrangements are part of our culture. When we feel supported in the workplace and at home, there’s nothing we can’t achieve.- Bachelor’s degree in Computer Science or related field and 1+ year of equivalent industry experience or 3+ years of equivalent industry experience.- Core understanding of web application and service API vulnerabilities (e.g. mass assignment, broken object/function level authorization, JWT/OAuth, injection, business logic flaws, excessive data exposure, etc.).- Experience tracing sources and sinks during code review to identify vulnerabilities, and providing contextual remediation guidance to address vulnerability root cause.- Experience designing and reviewing secure system architectures through the use of Threat Modeling incorporating sophisticated and modern attacks.- Knowledge of cloud service providers and their offerings, preferably AWS, and its various technologies and services.- Foundational knowledge of hardware security fundamentals.- Experience in CTF competitions, CVE research, and/or Bug Bounty recognition.- Experience with Microservice architectures, AI/ML technologies, scripting and tooling, or pentesting as part of an SDLC operation of a large-scale enterprise environment.- Published security research (e.g. conference presentations, whitepapers, blog posts).Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status.Los Angeles County applicants: Job duties for this position include: work safely and cooperatively with other employees, supervisors, and staff; adhere to standards of excellence despite stressful conditions; communicate effectively and respectfully with employees, supervisors, and staff to ensure exceptional customer service; and follow all federal, state, and local laws and Company policies. Criminal history may have a direct, adverse, and negative relationship with some of the material job duties of this position. These include the duties and responsibilities listed above, as well as the abilities to adhere to company policies, exercise sound judgment, effectively manage stress and work safely and respectfully with others, exhibit trustworthiness and professionalism, and safeguard business operations and the Company’s reputation. Pursuant to the Los Angeles County Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit for more information. If the country/region you’re applying in isn’t listed, please contact your Recruiting Partner.Our compensation reflects the cost of labor across several US geographic markets. The base pay for this position ranges from $125,500/year in our lowest geographic market up to $212,800/year in our highest geographic market. Pay is based on a number of factors including market location and may vary depending on job-related knowledge, skills, and experience. Amazon is a total compensation company. Dependent on the position offered, equity, sign-on payments, and other forms of compensation may be provided as part of a total compensation package, in addition to a full range of medical, financial, and/or other benefits. For more information, please visit This position will remain posted until filled. Applicants should apply via our internal or external career site.

The Amazon Web Services (AWS) Proactive Security team continuously works to ensure our services and resources are implemented and maintained to the meet the highest standards of security. Our mission is to prevent security incidences from happening and when they do, we detect and mitigate them in real time.We are looking for a Senior Security Engineer who has a strong passion for security-at-scale. We develop tools and prototypes to automatically detect and prevent security problems in AWS source code, services and resources. Our team deals with immense quantities of resources and we use cutting-edge analysis techniques to solve the most complex security issues at scale.You will use your security expertise to define new tooling domains and building new security focused products within AWS Security. You will collaborate with Builders, Security Analysts and Applied Scientists to drive security improvements. The ideal candidate combines technical acumen with an ability to lead by influence and communicate clearly. Technically, you will be a security generalist with one or more areas of deep expertise. You will communicate risks across the business to both technical and non-technical audiences, and effectively harmonize disparate opinions while reducing risk.Key job responsibilities* Research, identify, and prioritize security problems that can be detected using automation.* Effectively drive conversations with Principal Engineers, Directors and VPs to influence business investments and prioritize risks.* Develop detection prototypes for these security problems to enhance our tool-set for static, dynamic or network analysis. Provide security architecture and design guidance and develop security automation tools.* Work with Builders and service teams to address detected security issues in an appropriate and timely fashion.* Identify opportunities to prevent security issues at scale.* Document and provide security guidance that will be used across AWS services.* Deliver metrics to show effectiveness of our security initiatives.* Mentor and develop teammates both technically and professionally.* Seek out, develop, and advocate for new technology to research, identify, and mitigate complex risks.* Effectively navigate novel situations and problems that do not have a defined solution.A day in the lifeAbout the teamAbout Amazon SecurityDiverse ExperiencesAmazon Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.Why Amazon Security?At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon’s products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.Inclusive Team CultureIn Amazon Security, it’s in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.Training & Career GrowthWe’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.Work/Life BalanceWe value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why flexible work hours and arrangements are part of our culture. When we feel supported in the workplace and at home, there’s nothing we can’t achieve.- BS in Computer Science, Information Security or equivalent- Minimum of 5 years of experience with any combination of the following: mobile security, threat modeling experience, secure coding, identity management and authentication, software development, cryptography, system administration and network security- Knowledge and understanding of security engineering, system and network security, authentication and security protocols, cryptography, or application security- An understanding of network and web related protocols (such as, TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols)- Experience with multiple programming languages (such as, Java, C++, Ruby, Python, Perl, etc.)- Experience managing and delivering security solutions at scale- Demonstrated experience collaborating with other security engineers and developers to deliver complex projects- Experience with AWS or similar enterprise cloud computing platforms.- Knowledge of Linux systems and operating system internals- Excellent written and verbal communication skills with the ability to convey technical information to a wide variety of audiences; and strong and creative problem-solving abilities- Strong sense of ownership, urgency, and driveAmazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status.Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit for more information. If the country/region you’re applying in isn’t listed, please contact your Recruiting Partner.Our compensation reflects the cost of labor across several US geographic markets. The base pay for this position ranges from $143,300/year in our lowest geographic market up to $247,600/year in our highest geographic market. Pay is based on a number of factors including market location and may vary depending on job-related knowledge, skills, and experience. Amazon is a total compensation company. Dependent on the position offered, equity, sign-on payments, and other forms of compensation may be provided as part of a total compensation package, in addition to a full range of medical, financial, and/or other benefits. For more information, please visit This position will remain posted until filled. Applicants should apply via our internal or external career site.

Project Kuiper is an initiative to launch a constellation of Low Earth Orbit satellites that will provide low-latency, high-speed broadband network connectivity to unserved and underserved communities around the world.THE ROLEHave you wanted an opportunity to develop software for an advanced satellite broadband telecom service? The Security team owns the operational security of the constellation end-to-end. We provide the necessary infrastructure to establish secure communications and strong authentication, enabling the confidentiality for our customers and security for our constellation. This team drives the research & development, deployment and operation of several mission-critical security systems for the Kuiper constellation end-to-end. You will work in a start-up like culture to bootstrap software systems focused on security, and help instill the security culture in the organization. Export Control RequirementDue to applicable export control laws and regulations, candidates must be a U.S. citizen or national, U.S. permanent resident (i.e., current Green Card holder), or lawfully admitted into the U.S. as a refugee or granted asylum.Key job responsibilitiesWe are looking to hire a Security Engineer that has experience in leading the technical conversation, making design decisions and building large-scale, complex system & security service. You will work with a diverse, multi-disciplinary security engineering team to determine the requirements and set the bar for our security best practices and systems development.JOB RESPONSIBILITIES - Work with our peer teams and customers to design suitable software & security systems and interfaces to fulfill the mission needs. - Design and develop software security systems that meet the mission criteria and requirements - Collaborate with your fellow team members to form a strong foundation for a software & security organization in Project Kuiper - Help on-board and mentor new team members. - Utilize AWS and other Amazon technologies to build high-available software services- Bachelor’s degree in CS, CE, or related field, or equivalent work experience- 3+ years delivering security software in a production environment- 2+ years experience delivering distributed software systems in Java, Rust, GoLang or C/C++- 2+ years experience in delivering for cloud-native environments- 2+ years experience in delivering software for Linux- Experience and technical knowledge of security engineering, system and network security, authentication and security protocols, cryptography, and application security- Master's degree with a specialization in information security- Knowledge of current security threats, trends, and mitigations- Experience in a lead role, including guiding and mentoring other developers- Hands-on experience with satellite communications and management software- Experience with low-level programming and embedded systemsAmazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status.Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit for more information. If the country/region you’re applying in isn’t listed, please contact your Recruiting Partner.Our compensation reflects the cost of labor across several US geographic markets. The base pay for this position ranges from $136,000/year in our lowest geographic market up to $212,800/year in our highest geographic market. Pay is based on a number of factors including market location and may vary depending on job-related knowledge, skills, and experience. Amazon is a total compensation company. Dependent on the position offered, equity, sign-on payments, and other forms of compensation may be provided as part of a total compensation package, in addition to a full range of medical, financial, and/or other benefits. For more information, please visit This position will remain posted until filled. Applicants should apply via our internal or external career site.

Amazon Web Services (AWS) Security seeks a passionate and innovative Security Engineer for the AWS Vulnerability Management (AVM) team. At AWS, security is job zero, and our AVM team leads the way in securing our cloud services. We continuously raise the bar for security by blending analytics, cybersecurity skills, and technical expertise to protect our customers and the cloud. We are data-driven, set big goals, and are always challenging ourselves and each other to identify better solutions and take on new challengesAs a security engineer, you will focus on host operating systems (OS) patching and enable software builders to improve their service's security posture. You will define and execute both short-term and long-term strategies for vulnerability remediation, and drive remediation activities across AWS’s vast scale. You'll work closely with the builders to gain deep insights into their operational constraints, architectural consideration and compensating control and partner with senior security engineers to review, refine and optimize remediation plans. Your impact will be critical in helping AWS maintain top-tier security by balancing risk and service delivery. You'll focus on identifying security trends, enhancing security visibility, and recommending improvements to our security posture.Key job responsibilities- Collaborate closely with service teams to identify opportunities to improve the overall security posture- Partnering with product teams across AWS to develop scalable solutions to security problems- Developing tooling to automate and refine vulnerability management processes- Identifying security risks through data analytics.- Identifying and owning projects that continuously improve proactive security across AWS- Periodic on-call responsibilitiesAbout the teamDiverse ExperiencesAmazon Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.Why Amazon Security?At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon’s products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.Inclusive Team CultureIn Amazon Security, it’s in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.Training & Career GrowthWe’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.Work/Life BalanceWe value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why flexible work hours and arrangements are part of our culture. When we feel supported in the workplace and at home, there’s nothing we can’t achieve.- 3+ years of programming in Python, Ruby, Go, Swift, Java, .Net, C++ or similar object oriented language experience- Bachelor's degree in computer science or equivalent- Knowledge of networking protocols such as HTTP, DNS and TCP/IP- Knowledge of system security vulnerabilities and remediation techniques.- 2+ years of any combination of the following: threat modeling experience, secure coding, identity management and authentication, software development, cryptography, system administration and network security experience- Experience with AWS products and services- Experience with programming languages such as Python, Java, C++Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status.Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit for more information. If the country/region you’re applying in isn’t listed, please contact your Recruiting Partner.Our compensation reflects the cost of labor across several US geographic markets. The base pay for this position ranges from $136,000/year in our lowest geographic market up to $212,800/year in our highest geographic market. Pay is based on a number of factors including market location and may vary depending on job-related knowledge, skills, and experience. Amazon is a total compensation company. Dependent on the position offered, equity, sign-on payments, and other forms of compensation may be provided as part of a total compensation package, in addition to a full range of medical, financial, and/or other benefits. For more information, please visit This position will remain posted until filled. Applicants should apply via our internal or external career site.

Come join Earth's most customer-centric company! Amazon is looking for an AI Security Engineer with strong insight and passion for security to ensure our AI applications are designed and built to the highest standards. Your mission is to secure the AI experiences of hundreds of millions of our customers. You bring AI security talent and expertise to a fast-paced environment where you will be relied upon to partner with our talented software development teams in building secure AI applications.As an AI Security Engineer, you will work with software development teams to ensure the security of AI applications. You will review code for security issues, build frameworks to help developers create more secure software, and adjust designs to improve protection. You will also perform security research, analyze bug reports, conduct risk assessments, develop automation, maintain documentation, and create tools that reduce security risks. Your work drives secure, reliable AI applications for Amazon's customers.Key job responsibilities* You will create, update, and maintain threat models for a wide variety of software projects. * You will perform manual and automated code review, primarily in Java, Python, and JavaScript* You will develop AI security automation tools. * You will perform AI security training and outreach for internal development teams. * You will provide AI security architecture and design guidance. * You will independently solve AI security problems that require novel methods or approaches. * You will influence your team's and partners' process, priorities, and choices to improve outcomes.About the teamAbout the teamThe AppSec AI team is tasked with empowering the business to create secure, trustworthy AI applications that our customers find delightful to use. We engage closely with the business from the outset of the development process to ensure that security considerations are integrated early and consistently. This collaborative approach positions us as partners with the business, minimizing the need for security trade-offs. Our close work with product teams allows us to participate in deep technical discussions and decisions. We prioritize obtaining the right training and career growth opportunities, enabling us to Dive Deep and Earn Trust with our development teams.About Amazon SecurityDiverse ExperiencesAmazon Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.Why Amazon Security?At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon’s products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.Inclusive Team CultureIn Amazon Security, it’s in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.Training & Career GrowthWe’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.Work/Life BalanceWe value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why flexible work hours and arrangements are part of our culture. When we feel supported in the workplace and at home, there’s nothing we can’t achieve.- Knowledge of GenAI systems and associated security vulnerabilities and remediation techniques, including penetration testing and the development of exploits or equivalent- Experience with any combination of the following: threat modeling, secure coding, identity management and authentication, software development, cryptography, system administration and network security.- Bachelor's degree in computer science or equivalent, plus 3+ years of security engineering experience.- Experience with AWS products and services- Experience with programming languages such as Python, Java, C++Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status.Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit for more information. If the country/region you’re applying in isn’t listed, please contact your Recruiting Partner.Our compensation reflects the cost of labor across several US geographic markets. The base pay for this position ranges from $136,000/year in our lowest geographic market up to $212,800/year in our highest geographic market. Pay is based on a number of factors including market location and may vary depending on job-related knowledge, skills, and experience. Amazon is a total compensation company. Dependent on the position offered, equity, sign-on payments, and other forms of compensation may be provided as part of a total compensation package, in addition to a full range of medical, financial, and/or other benefits. For more information, please visit This position will remain posted until filled. Applicants should apply via our internal or external career site.

Customer Service Security is the first line of defense protecting our Customers and their interests from technical & malicious adversaries, seeking to steal their data and/or cause harm to them. We are looking for a Security Engineer who is ready to take on a front-line role in addressing security issues facing the largest Customer Service operation in the world, where customer obsession equals protection. Security issues at this scale and speed require a passion for engineering robust solutions to complex security challenges, as well as the ability to quickly design and build solutions to address them.CS Security is looking for a security engineer to develop and drive technical solutions in a security capabilities team to ensure that our Customer protection is always the priority. We automate where necessary, and iterate constantly. We maintain the highest standards to enhance internal and external customer trust. If you are an experienced security engineer enjoys analyzing, engineering and architecting solutions to deliver results faster, and you are skilled at investigating security issues and new threat scenarios, this position will provide you with a challenging opportunity to work alongside world-class talent in solving complex and far-reaching problems. A successful candidate will have a deep understanding of technical knowledge and has demonstrated a background in Security Engineering and Architecture activities.Key job responsibilitiesWork backwards from the customer to lead the development of ambiguous and impact driven security solutionsDemonstrate and promote security best practices, drive improvements of our overall security architectureWork alongside a talented team of security engineers, program managers, and security analysts. Together you will be driving security defects to the ground and are constantly looking at continuous improvement opportunities in a customer service information security response contextServe as a Subject Matter Expert (SME) on the incident response & technical investigation lifecycle, owning post-retrospective coordination to drive continuous security improvementsInfluence service teams across Amazon to develop systems and processes with information security best practicesIdentify and drive opportunities to improve from large-scale security incident engagementsDesign, build and automate security-related services for internal stakeholdersMentor fellow security engineers, analysts, investigators, and software developersAbout the teamDiverse ExperiencesAmazon Security values diverse experiences. Even if you do not meet all of the preferred qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying. Why Amazon Security At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon’s products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.Work/Life Balance We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why we strive for flexibility as part of our working culture. When we feel supported in the workplace and at home, there’s nothing we can’t achieve. Inclusive Team Culture In Amazon Security, it’s in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.Training and Career growthWe’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional. - 3+ years of programming in Python, Ruby, Go, Swift, Java, .Net, C++ or similar object oriented language experience- Bachelor's degree in computer science or equivalent- Experience with AWS products and services- 3+ years of work in related technical roles (such as security devops, threat intelligence, security data analysis, etc.)- Proven experience using data analysis tools and technologies, such as SQL, Athena, Jupyter,etc.- 2+ years of any combination of the following: threat modeling experience, secure coding, identity management and authentication, software development, cryptography, system administration and network security experience- CCSP (Certified Cloud Security Professional) or CEH (Certified Ethical Hacker) or CFR (CyberSec First Responder) or Cloud+ or CySA+ (CompTIA Cybersecurity Analyst) or GCED (GIAC Certified Enterprise Defender) or GICSP (Global Industrial Cyber Security Professional) or PenTest+Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status.Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit for more information. If the country/region you’re applying in isn’t listed, please contact your Recruiting Partner.

Amazon’s Bug Bounty team is growing and is seeking a security engineer to join the team. This individual will be working with customers and Amazon teams to secure Amazon’s public facing services, applications, and websites. In this role, you will be part of a team of skilled individuals and work to solicit the identification of vulnerabilities from Customers and security researchers. You will be responsible for ensuring vulnerabilities are remediated with urgency by partnering with service teams, ensuring what is learned through disclosure and mitigation improves the security of Amazon’s software development life-cycle. This role will provide you with challenging technical opportunities and the chance to grow Amazon’s Bug Bounty Program into the best on planet Earth.You will be in direct contact with teams in a variety of business verticals, giving you first hand knowledge about how Amazon is built and how it operates at a deep, technical level. Additionally, you will leverage the knowledge you gain about Amazon to find new ways to drive improvements to Customer relationships, services, processes, and technologies throughout the company, with the ultimate goal of ensuring the continued safety and security of our Customers.As a security engineer, you will use your influence and technical skills to continually lead the direction and evolution of the Bug Bounty Program and collaboration with Customers and security researchers in order to maintain and raise Amazon’s high security bar. You’ll be backed up by a team of highly-skilled security engineers all working with a singular focus of maintaining Customer trust. You must demonstrate resilience and navigate ambiguous situations with composure and tact. Above all else, a strong sense of Customer Obsession is necessary to focus on the ultimate goal of keeping Amazon and its Customers secure with the highest priority.Key job responsibilities* Participate in an on-call rotation that includes your peers on the team* Participate in a weekend rotation that includes your peers on the team* Coordinate security incident response and vulnerability management activities with service teams to do the right thing for our Customers and the business* Evaluate the potential and/or realized impact of security incidents and work with service teams to mitigate risks* Serve as an escalation point and subject matter expert in incident response, engineering operations, and team triage activities as part of day to day operations* Tactically drive initiatives by influencing key stakeholders and partnering with security and business teams throughout Amazon* Drive improvements to the team’s programs and processes* Write and deliver high-quality documents for technical and non-technical audiences* Manage relationships with Customers and security researchersAbout the teamAbout Amazon Security:Diverse ExperiencesAmazon Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.Why Amazon Security?At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon’s products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.Inclusive Team CultureIn Amazon Security, it’s in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.Training & Career GrowthWe’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.Work/Life BalanceWe value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why we strive for flexibility as part of our working culture. When we feel supported in the workplace and at home, there’s nothing we can’t achieve.- Bachelor's degree in computer science or equivalent- Knowledge of system security vulnerabilities and remediation techniques, including penetration testing and the development of exploits or equivalent- Experience applying threat modeling or other risk identification techniques or equivalent- 3+ years experience in application security, incident response, or vulnerability management roles- 3+ years of any combination of the following: threat modeling experience, secure coding, identity management and authentication, software development, cryptography, system administration and network security experience- Experience implementing security solutions at the business division level or equivalent- Experience with AWS products and services- Ability to take ownership, self-motivate, and deliver results in highly ambiguous environmentsAmazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status.Los Angeles County applicants: Job duties for this position include: work safely and cooperatively with other employees, supervisors, and staff; adhere to standards of excellence despite stressful conditions; communicate effectively and respectfully with employees, supervisors, and staff to ensure exceptional customer service; and follow all federal, state, and local laws and Company policies. Criminal history may have a direct, adverse, and negative relationship with some of the material job duties of this position. These include the duties and responsibilities listed above, as well as the abilities to adhere to company policies, exercise sound judgment, effectively manage stress and work safely and respectfully with others, exhibit trustworthiness and professionalism, and safeguard business operations and the Company’s reputation. Pursuant to the Los Angeles County Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit for more information. If the country/region you’re applying in isn’t listed, please contact your Recruiting Partner.Our compensation reflects the cost of labor across several US geographic markets. The base pay for this position ranges from $136,000/year in our lowest geographic market up to $212,800/year in our highest geographic market. Pay is based on a number of factors including market location and may vary depending on job-related knowledge, skills, and experience. Amazon is a total compensation company. Dependent on the position offered, equity, sign-on payments, and other forms of compensation may be provided as part of a total compensation package, in addition to a full range of medical, financial, and/or other benefits. For more information, please visit This position will remain posted until filled. Applicants should apply via our internal or external career site.

Come join our penetration testing team dedicated to the detection and exploitation of vulnerabilities across Amazon’s portfolio ranging from consumer services and devices to the Kuiper satellites. This includes conducting in-depth reviews of complex service workflows including authentication mechanisms, AI, mobile, web applications, and web service APIs. Pentesters also invent new ways to automate and improve their work with techniques such as AI/LLMs, fuzzing, detection at scale, and static analysis.Our team operates under the Amazon Devices and Services Trust & Security (DSTS) organization which was formed in 2014 with the mission of protecting Amazon Devices & Services (D&S) customers’ trust, data, and the systems on which they rely. We protect customers by performing security reviews, offensive testing, vulnerability assessments, and provide guidance for remediations. We also drive down costs by building and automating security foundations and integrating them into design and release processes. DSTS builds the foundational capabilities that raise an org-wide security bar across the growing diversity of D&S businesses - securing 100+ device types, 12,000+ applications, and 100+ product lines that are developed and operated by more than 16,000+ builders.The DSTS penetration testing organization is growing and seeking an experienced web penetration tester to help shape the future of Amazon’s service security. You will work with builder teams and product owners to perform penetration testing and identify high-impact security vulnerabilities across the web services ecosystem supporting Amazon’s devices. The ideal candidate will be expected to comprehend large complex web service architectures and to dive deep into a service's source code, and to have some exposure to device penetration tests. This role will provide you with challenging technical opportunities and will also be a great deal of fun if hacking Amazon sounds exciting to you! In this role, you will be part of a dedicated team of talented penetration testers identifying vulnerabilities in the devices and services ecosystem. You will strive to understand systems, software, and services deeply and develop creative ways to break assumptions in order to find vulnerabilities. You care deeply about keeping millions of customers that rely on Amazon’s consumer products safe and are passionate about mitigating vulnerabilities by providing actionable guidance to product teams. You're well-known for your excellent prioritization skills as well as your ability to communicate at all levels of an organization. If you're passionate about finding security bugs, writing tools to enhance manual testing capabilities, automating repetitive tasks, and enjoy seeing your work impact Amazon consumer devices and services, then this position is for you. Candidates from mid to senior level are encouraged to apply.Key job responsibilities- Lead and contribute to penetration tests against services and software released by Amazon’s Devices & Services organization. This includes working closely with builder teams to scope pentests, develop test plans, find vulnerabilities, develop proof of concept exploits, report findings, and validate patches.- Analyze and identify security vulnerabilities in source code using both automated and manual static analysis tools and techniques.- Review and influence technical solutions to mitigate security vulnerabilities by providing actionable long-term risk mitigation guidance to drive security improvements.- Lead impactful security improvements in large product lines through close collaboration with our partner builder teams.- Develop detailed technical documentation describing identified vulnerabilities, associated impact, and recommended remediation to guide communication with internal engineering stakeholders and leadership.- Mentor junior penetration testers and cultivate a culture of collaboration and research sharing.About the teamWhile the majority of our Security team are based in the US, by applying to this position your application will be considered for all locations we hire for in the world, however candidates should expect to accommodate US time for necessary meetings.Our team puts a high value on work-life balance. Striking a healthy balance between your personal and professional life is crucial to your happiness and success here, which is why we aren’t focused on how many hours you spend at work or online. Instead, we’re happy to offer a flexible schedule so you can have a more productive and well-balanced life—both in and outside of work.Our team is dedicated to supporting new members. We have a broad mix of experience levels and tenures, and we’re building an environment that celebrates knowledge sharing and mentorship. We care about career growth and strive to assign projects based on what will help each team member develop into a better-rounded engineer and enable them to take on more complex tasks in the future.Diverse ExperiencesAmazon Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.Why Amazon Security?At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon’s products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.Inclusive Team CultureIn Amazon Security, it’s in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.Training & Career GrowthWe’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.Work/Life BalanceWe value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why flexible work hours and arrangements are part of our culture. When we feel supported in the workplace and at home, there’s nothing we can’t achieve.- 3+ years of experience identifying, exploiting, and recommending solutions to remediate web application and service API vulnerabilities (e.g. mass assignment, broken object/function level authorization, JWT/OAuth, injection, business logic flaws, excessive data exposure, etc.).- Experience tracing sources and sinks during code review to identify vulnerabilities, and providing contextual remediation guidance to address vulnerability root cause.- Experience designing and reviewing secure system architectures through the use of Threat Modeling incorporating sophisticated and modern attacks.- Knowledge of cloud service providers and their offerings, preferably AWS, and its various technologies and services.- Bachelor’s degree in Computer Science or related field, or equivalent industry experience.- Foundational knowledge of hardware security fundamentals.- Experience in CTF competitions, CVE research, and/or Bug Bounty recognition.- Experience with applying and assessing Machine Learning technologies.- Published security research (e.g. conference presentations, whitepapers, blog posts).Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit Angeles County applicants: Job duties for this position include: work safely and cooperatively with other employees, supervisors, and staff; adhere to standards of excellence despite stressful conditions; communicate effectively and respectfully with employees, supervisors, and staff to ensure exceptional customer service; and follow all federal, state, and local laws and Company policies. Criminal history may have a direct, adverse, and negative relationship with some of the material job duties of this position. These include the duties and responsibilities listed above, as well as the abilities to adhere to company policies, exercise sound judgment, effectively manage stress and work safely and respectfully with others, exhibit trustworthiness and professionalism, and safeguard business operations and the Company’s reputation. Pursuant to the Los Angeles County Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.Our compensation reflects the cost of labor across several US geographic markets. The base pay for this position ranges from $136,000/year in our lowest geographic market up to $212,800/year in our highest geographic market. Pay is based on a number of factors including market location and may vary depending on job-related knowledge, skills, and experience. Amazon is a total compensation company. Dependent on the position offered, equity, sign-on payments, and other forms of compensation may be provided as part of a total compensation package, in addition to a full range of medical, financial, and/or other benefits. For more information, please visit This position will remain posted until filled. Applicants should apply via our internal or external career site.

Amazon Web Services (AWS) is the leading cloud provider, providing virtual infrastructure, storage, networking, messaging, and many other services to customers all over the world. AWS runs a globally distributed environment, operating at massive levels of scale. Businesses, from start-ups to enterprises, run their operations and applications on AWS’s multi-tenant infrastructure. Governmental organizations are also looking to and depending on AWS for cloud solutions and services.The AWS Security Incident Response team is seeking a focused Security Engineer who can take on a leadership role in responding to security issues in support of our National Security program. This engineer will work as a part of a growing team of security engineers who are focused on protecting the AWS infrastructure that is used by our national security customers. Our security engineers perform many duties during an average day: log analysis, incident response, forensics, system/tooling development, and risk assessment, just to name a few. You must thrive in high-pressure situations, think like both an attacker and defender, and drive relevant teams to take the right actions in the right time frames to mitigate risks. They also need to balance technical risks against business needs and be able to articulate risks and mitigations to members of leadership at various levels.You should have a good mix of deep technical knowledge and a demonstrated background in information security. We value broad and deep technical knowledge, specifically in the fields of cryptography, network security, software security, malware analysis, forensics, security operations, incident response, and emergent security intelligence.This position requires that the candidate selected be a US Citizen and must currently possess and maintain an active TS/SCI security clearance with polygraph.Key job responsibilitiesYou should be able to accomplish most of the following: - Confidently and intelligently respond to security incidents, and proactively consider how to prevent the same type of incidents from occurring in the future. - Design and coordinate cohesive responses to security events that involve multiple teams across the organization. - Build security utilities and tools for internal use that enable you and your fellow Security Engineers to operate at high speed and wide scale. - Ability to communicate effectively at multiple levels of sensitivity, and multiple audiences. - Recognize, adopt and instill the best practices in security engineering fields throughout the organization: development, cryptography, network security, security operations, incident response, security intelligence. - Fulfill regular on-call responsibilities.About the teamOur team is dedicated to supporting new team members. Our team has a broad mix of experience levels and Amazon tenures, and we’re building an environment that celebrates knowledge sharing and mentorship.Here at AWS, we embrace our differences. We are committed to furthering our culture of inclusion. We have ten employee-led affinity groups, reaching 40,000 employees in over 190 chapters globally. We have innovative benefit offerings, and we host annual and ongoing learning experiences, including our Conversations on Race and Ethnicity (CORE) and AmazeCon (gender diversity) conferences. Amazon’s culture of inclusion is reinforced within our 16 Leadership Principles, which remind team members to seek diverse perspectives, learn and be curious, and earn trust.Our team also puts a high value on work-life balance. Striking a healthy balance between your personal and professional life is crucial to your happiness and success here, which is why we aren’t focused on how many hours you spend at work or online. Instead, we’re happy to offer a flexible schedule so you can have a more productive and well-balanced life—both in and outside of work.- Bachelor's degree, or CCSP (Certified Cloud Security Professional) or CEH (Certified Ethical Hacker) or CFR (CyberSec First Responder) or Cloud+ or CySA+ (CompTIA Cybersecurity Analyst) or GCED (GIAC Certified Enterprise Defender) or GICSP (Global Industrial Cyber Security Professional) or PenTest+- Current, active US Government Security Clearance of TS/SCI with Polygraph- Experience with AWS products and servicesAmazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit

Amazon Devices and Services is an inventive research and development organization that designs and engineers Amazon devices, from Kindle to Fire TV and Amazon Echo. What will you help us create?Are you interested in being part of a top-notch security team covering all Amazon devices (including consumer devices like Kindle, FireTV, Echo, Astro robots, Ring doorbells, cameras, drones, etc. and newlines of devices including Kuiper satellites) ? If you want to keep customers safe, then we have a job for you! Amazon’s Devices and Services Security is growing and looking for a strong leader. You will be tasked in setting the strategic direction for hardware security for all Amazon devices while developing and taking the team to the next level. As a Senior Manager at Amazon Devices and Services Security, you will have an enormous opportunity to lead a team of top notch security engineers respected by product teams, drive down systemic and tactical risk to Amazon devices, and develop long lasting functions and features for Amazon devices. You care deeply about keeping Amazon customers safe and therefore are passionate about mitigating vulnerabilities/risks by providing actionable guidance and solutions to product teams. You drive long term security improvements by identifying key gaps and partner with product teams to drive security improvements at scale. You're well-known for your excellent prioritization skills as well as your ability to communicate at all levels of an organization. Note: While the majority of our Security roles are based in the Bay Area, CA and Seattle, WA areas, by applying to this position your application will be considered for other locations we hire for in the United States, including but not limited to: Bellevue, WA; Boston, MA, Austin TX.Key job responsibilitiesKey Job Responsibilities Include:- Fostering, coaching, recruiting and scaling a team of world class hardware security engineers; providing strategic and tactical oversight to the team and the program.- Defining a hardware security roadmap; aligning with key business stakeholders to ensure that objectives are focused on areas of key concern for internal and external Amazon customers; providing technical oversight for all phases of the hardware security lifecycle. - Creating and driving a culture of inclusion where team members are encouraged to take risks and push limits in order to challenge organizational security assumptions. - Partner with key stakeholders to drive implementation of security-related technical and process controls to remediate risks identified during engagements.- Provide updates to senior leadership on a regular cadence.- Provide verbal and written summaries of engagements to Amazon stakeholders and business owners.- Engage in retrospectives with the partners and create a feedback loop to foster continuous improvement of delivery mechanisms and approaches.About the teamAbout Amazon Security:At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon’s products and services.Diverse ExperiencesAmazon Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.Why Amazon SecurityAt Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon’s products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.Work/Life BalanceWe value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why flexible work hours and arrangements are part of our culture. When we feel supported in the workplace and at home, there’s nothing we can’t achieve.Inclusive Team CultureIn Amazon Security, it’s in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.Mentorship and Career growthWe’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.- Bachelor's degree in Computer Science, related field or relevant work experience- 10+ years of industry experience with a proven track record of hands on hardware security experience.- 10+ years managing and building teams (including coaching and mentoring)- Strong and proven ability to communicate technical concepts to a non-technical audience and stakeholders- Experience managing a team of strong security engineers to identify strategic and tactical risk.- Master’s degree- 10+ years of risk assessment and vulnerability research and enabling organizations making decisions- Significant experience and detailed technical knowledge in one of the following areas: security engineering, chipset and system security, cryptography, authentication and security protocols.- Experience with threat modeling or other risk identification techniques, and risk management- Experience partnering and influencing cross functional engineering, QA and testing teams to drive security improvements in complex environments- Experience driving prioritization of security risks/vulnerabilities and ensuring that they are properly understood by the business and fixed and/or mitigated.- Strong analytical and quantitative skills with the ability to use data and metrics to back up assumptions and recommendations and drive actionsAmazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status.Los Angeles County applicants: Job duties for this position include: work safely and cooperatively with other employees, supervisors, and staff; adhere to standards of excellence despite stressful conditions; communicate effectively and respectfully with employees, supervisors, and staff to ensure exceptional customer service; and follow all federal, state, and local laws and Company policies. Criminal history may have a direct, adverse, and negative relationship with some of the material job duties of this position. These include the duties and responsibilities listed above, as well as the abilities to adhere to company policies, exercise sound judgment, effectively manage stress and work safely and respectfully with others, exhibit trustworthiness and professionalism, and safeguard business operations and the Company’s reputation. Pursuant to the Los Angeles County Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit for more information. If the country/region you’re applying in isn’t listed, please contact your Recruiting Partner.Our compensation reflects the cost of labor across several US geographic markets. The base pay for this position ranges from $187,500/year in our lowest geographic market up to $324,100/year in our highest geographic market. Pay is based on a number of factors including market location and may vary depending on job-related knowledge, skills, and experience. Amazon is a total compensation company. Dependent on the position offered, equity, sign-on payments, and other forms of compensation may be provided as part of a total compensation package, in addition to a full range of medical, financial, and/or other benefits. For more information, please visit This position will remain posted until filled. Applicants should apply via our internal or external career site.

This position may work out of any of the following office locations: Seattle, WA; Austin, TX Arlington VA.Amazon Vulnerability Management and Remediation (VMR) is looking for a Senior Security Engineer to join our Vulnerability Management Response Team. VMR is responsible for the discovery, assessment, triage, and remediation of vulnerabilities across Amazon. We are data-driven, set big goals, and are always challenging ourselves and each other to identify better solutions and take on new challenges. Our team offers the unique opportunity to work with leading industry security experts and engage across Amazon teams and leadership. As a Lead Security Engineer in VMR Response, you will play a hands-on role in the proactive identification and remediation of security issues at Amazon. You will be part of a global-scale vulnerability response service supporting a diverse technical ecosystem. Your teammates are an international group of security engineers, software developers, and technical program managers dedicated to continuously raising the security bar.Key job responsibilities- You are considered a technical leader on VMR and deliver high quality products, sometimes through others.- You intake, and evaluate vulnerabilities, misconfigurations, and weaknesses, assisting junior engineers.- You craft and deploy security campaigns, assisting junior engineers.- You participate in on-call rotations. - You engage autonomously with product and system owners to help create, build and innovate campaigns, possibly by writing code, scripts, creating detections, etc. - Your work focuses on large, ambiguous security problems in internal and partner-org security services or initiatives. Representing VMR, you bring perspective and provide context for current security best practices and the costs associated with them. You understand that not all security problems are new (or require new tools). You make risk-based trade-offs with larger-scale impact, with strong knowledge of compensating controls. - You fix deficiencies proactively and/or propose large projects, mindful of resources, which may require the work of VMR and other teams related by architecture. - You are able to split work into parallel tasks performed by you and others to accomplish more. - You may design or write code that delivers security automation.- You have significant domain expertise in three or more core CBK areas and secondary specializations, (e.g. infrastructure security, threat intelligence, security operation, endpoint security, or identity management). About the teamDiverse ExperiencesAmazon Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying. Why Amazon Security At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon’s products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.Work/Life Balance We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why flexible work hours and arrangements are part of our culture. When we feel supported in the workplace and at home, there’s nothing we can’t achieve. Inclusive Team Culture In Amazon Security, it’s in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.Training and Career GrowthWe’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.- 5 years hands-on Security Engineering experience, with at least 3 years in vulnerability management.- 5 years experience building, operating, and maturing large-scale security systems or services, including cloud-based services.- Ability to write code/scripts to create detections- Evaluate and assess detections to ensure proper scope and drive campaign effort- Demonstrated ability to collect, analyze, and use data to drive and influence decision making- Bachelor's degree- Experience automating security operations.- Experience with systems design.- Experience with AWS services.Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status.Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit for more information. If the country/region you’re applying in isn’t listed, please contact your Recruiting Partner.Our compensation reflects the cost of labor across several US geographic markets. The base pay for this position ranges from $143,300/year in our lowest geographic market up to $247,600/year in our highest geographic market. Pay is based on a number of factors including market location and may vary depending on job-related knowledge, skills, and experience. Amazon is a total compensation company. Dependent on the position offered, equity, sign-on payments, and other forms of compensation may be provided as part of a total compensation package, in addition to a full range of medical, financial, and/or other benefits. For more information, please visit This position will remain posted until filled. Applicants should apply via our internal or external career site.

Help us protect not only the Amazon Web Services (AWS) cloud computing environment but all of our customers as well! Since 2006, our great team at AWS has been enabling our customers to bring great ideas to life in ways that aren’t possible in traditional IT environments. With AWS you can flexibly harness compute, storage, security, and other services from across the globe as your business demands them. AWS Security is on the cutting edge of many security issues for a wide variety of platforms and technologies including cloud services, Internet of things (IoT), identity and access management, mobile devices, virtualization, AI and Robotics and custom hardware, all operating at massive scale. Similarly, our highly collaborative team is committed to each team member’s growth as our business grows. AWS Security is looking for an Application Security Engineer to help validate that our services, applications, and websites are designed and implemented to the highest security standards. You will be responsible for analyzing the security of applications and services, discovering and addressing security issues, building security automation, and quickly reacting to new threat scenarios. You will work with Amazon builders to create secure-by-default solutions. You will have the opportunity to learn from, and be mentored by, those who are building and securing our cutting-edge services. A Security Engineer at Amazon is expected to be strong in multiple domains and provide significant contributions to the AWS IT Security team and to multiple groups throughout Amazon. Security engineers are expected to develop elegant solutions to complex business problems and apply appropriate technologies while following security engineering best practices. You are also expected to mentor more junior engineers and be a security thought leader for the organization. A Security Engineer must foster constructive dialogue and seek resolution when confronted with discordant views. Engineers in this role are expected to participate fully in the planning of the AWS IT Security team's work and constantly seek opportunities for process improvement. They should also have a deep understanding of at least one specialty for which they are a sought out resource (both within AWS IT Security and by groups throughout Amazon), while having an understanding of the application of Information Security in a broad range of technical areas. A successful candidate will need a combination of troubleshooting, technical, and communication skills, as well as the ability to handle a mix of disparate tasks which may include project and software development work. This role will provide career growth opportunities as you gain new security skills in the course of your duties. Key job responsibilitiesThis role will work closely with Amazon builders and AWS technology to define what processes we can make secure by default and how we'd implement. This position will work with a variety of builders and get an opportunity to dive deep into problems to address efficiencies across the builder-security feedback loop.- Design secure-by-default solutions- Projects and research work as needed- Security training and outreach to internal development teams- Security guidance documentation- Security tool development- Security metrics delivery and improvementsA day in the lifeThe SHINE team is a small group of engineers focused on improving the lives of AWS builders and security engineers alike by providing innovate and efficient solutions to shorten the security review process. We have the opportunity to have organizational impact and the mandate to do it. A new team member can expect to iterate quickly, to try and experiment often, while not being afraid to fail fast when needed to work on the next item.About the teamDiverse ExperiencesAmazon Security values diverse experiences. Even if you do not meet all of the preferred qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying. Why Amazon Security At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon’s products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.Work/Life Balance We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why flexible work hours and arrangements are part of our culture. When we feel supported in the workplace and at home, there’s nothing we can’t achieve. Inclusive Team Culture In Amazon Security, it’s in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.Training and Career growthWe’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional. - 3+ years of any combination of the following: threat modeling experience, secure coding, identity management and authentication, software development, cryptography, system administration and network security experience- Experience with AWS products and services- Experience with programming languages such as Python, Java, C++Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status.Los Angeles County applicants: Job duties for this position include: work safely and cooperatively with other employees, supervisors, and staff; adhere to standards of excellence despite stressful conditions; communicate effectively and respectfully with employees, supervisors, and staff to ensure exceptional customer service; and follow all federal, state, and local laws and Company policies. Criminal history may have a direct, adverse, and negative relationship with some of the material job duties of this position. These include the duties and responsibilities listed above, as well as the abilities to adhere to company policies, exercise sound judgment, effectively manage stress and work safely and respectfully with others, exhibit trustworthiness and professionalism, and safeguard business operations and the Company’s reputation. Pursuant to the Los Angeles County Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit for more information. If the country/region you’re applying in isn’t listed, please contact your Recruiting Partner.Our compensation reflects the cost of labor across several US geographic markets. The base pay for this position ranges from $136,000/year in our lowest geographic market up to $212,800/year in our highest geographic market. Pay is based on a number of factors including market location and may vary depending on job-related knowledge, skills, and experience. Amazon is a total compensation company. Dependent on the position offered, equity, sign-on payments, and other forms of compensation may be provided as part of a total compensation package, in addition to a full range of medical, financial, and/or other benefits. For more information, please visit This position will remain posted until filled. Applicants should apply via our internal or external career site.