Lead Security Engineer, Vulnerability Management and Response

This position may work out of any of the following office locations: Seattle, WA; Austin, TX Arlington VA.Amazon Vulnerability Management and Remediation (VMR) is looking for a Senior Security Engineer to join our Vulnerability Management Response Team. VMR is responsible for the discovery, assessment, triage, and remediation of vulnerabilities across Amazon. We are data-driven, set big goals, and are always challenging ourselves and each other to identify better solutions and take on new challenges. Our team offers the unique opportunity to work with leading industry security experts and engage across Amazon teams and leadership. As a Lead Security Engineer in VMR Response, you will play a hands-on role in the proactive identification and remediation of security issues at Amazon. You will be part of a global-scale vulnerability response service supporting a diverse technical ecosystem. Your teammates are an international group of security engineers, software developers, and technical program managers dedicated to continuously raising the security bar.Key job responsibilities- You are considered a technical leader on VMR and deliver high quality products, sometimes through others.- You intake, and evaluate vulnerabilities, misconfigurations, and weaknesses, assisting junior engineers.- You craft and deploy security campaigns, assisting junior engineers.- You participate in on-call rotations. - You engage autonomously with product and system owners to help create, build and innovate campaigns, possibly by writing code, scripts, creating detections, etc. - Your work focuses on large, ambiguous security problems in internal and partner-org security services or initiatives. Representing VMR, you bring perspective and provide context for current security best practices and the costs associated with them. You understand that not all security problems are new (or require new tools). You make risk-based trade-offs with larger-scale impact, with strong knowledge of compensating controls. - You fix deficiencies proactively and/or propose large projects, mindful of resources, which may require the work of VMR and other teams related by architecture. - You are able to split work into parallel tasks performed by you and others to accomplish more. - You may design or write code that delivers security automation.- You have significant domain expertise in three or more core CBK areas and secondary specializations, (e.g. infrastructure security, threat intelligence, security operation, endpoint security, or identity management). About the teamDiverse ExperiencesAmazon Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying. Why Amazon Security At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon’s products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.Work/Life Balance We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why flexible work hours and arrangements are part of our culture. When we feel supported in the workplace and at home, there’s nothing we can’t achieve. Inclusive Team Culture In Amazon Security, it’s in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.Training and Career GrowthWe’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.- 5 years hands-on Security Engineering experience, with at least 3 years in vulnerability management.- 5 years experience building, operating, and maturing large-scale security systems or services, including cloud-based services.- Ability to write code/scripts to create detections- Evaluate and assess detections to ensure proper scope and drive campaign effort- Demonstrated ability to collect, analyze, and use data to drive and influence decision making- Bachelor's degree- Experience automating security operations.- Experience with systems design.- Experience with AWS services.Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status.Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit for more information. If the country/region you’re applying in isn’t listed, please contact your Recruiting Partner.Our compensation reflects the cost of labor across several US geographic markets. The base pay for this position ranges from $143,300/year in our lowest geographic market up to $247,600/year in our highest geographic market. Pay is based on a number of factors including market location and may vary depending on job-related knowledge, skills, and experience. Amazon is a total compensation company. Dependent on the position offered, equity, sign-on payments, and other forms of compensation may be provided as part of a total compensation package, in addition to a full range of medical, financial, and/or other benefits. For more information, please visit This position will remain posted until filled. Applicants should apply via our internal or external career site.

Sr Security Engineer, AWS AppSec

Do you enjoy seeing the impact your work has on real customers? As a Security Engineer at Amazon Web Services, you’ll create, maintain, and improve Services and solutions at massive scale, helping to improve the businesses (and lives) of millions of people around the world. Help us protect not only the Amazon Web Services (AWS) cloud computing environment but all of our customers as well!As a member of The AWS team, you’ll be part of the glue that holds the AWS ecosystem together as you contribute to securing, validating and sustaining more than 750 million transactions per second. Whether its help validate that our services, applications, and websites are designed and implemented to the highest security standards, AWS is innovating with the customer in mind.AWS Security is on the cutting edge of many security issues for a wide variety of platforms and technologies including cloud services, Internet of things (IoT), identity and access management, mobile devices, virtualization and custom hardware, all operating at massive scale. Similarly, our highly collaborative team is committed to each team member’s growth as our business grows.AWS Security is looking for a Senior Application Security Engineer to help validate that our services, applications, and websites are designed and implemented to the highest security standards. You will be responsible for analyzing the security of applications and services, discovering and addressing security issues, building security automation, and quickly reacting to new threat scenarios. You will have the opportunity to learn from, and be mentored by, those who are building and securing our cutting-edge services.A Senior Security Engineer at Amazon is expected to be strong in multiple domains and provide significant contributions to the AWS IT Security team and to multiple groups throughout Amazon. Security engineers are expected to develop elegant solutions to complex business problems and apply appropriate technologies while following security engineering best practices. You are also expected to mentor more junior engineers and be a security thought leader for the organization.A Senior Security Engineer must foster constructive dialogue and seek resolution when confronted with discordant views. Engineers in this role are expected to participate fully in the planning of the AWS IT Security team's work and constantly seek opportunities for process improvement. They should also have a deep understanding of at least one specialty for which they are a sought-out resource (both within AWS Security and by groups throughout Amazon), while having an understanding of the application of information security in a broad range of technical areas.A successful candidate will need a combination of troubleshooting, technical, and communication skills, as well as the ability to handle a mix of disparate tasks which may include project and software development work. This role will provide career growth opportunities as you gain new security skills in the course of your duties.Key job responsibilities• Application security reviews• Mobile security reviews• Secure architecture design• Threat modeling• Projects and research work as needed• Security training and outreach to internal development teams• Security guidance documentation• Security tool development• Security metrics delivery and improvements• Assistance with recruiting activities and administrative work About the teamAbout Amazon SecurityDiverse ExperiencesAmazon Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.Why Amazon Security?At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon’s products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.Inclusive Team CultureIn Amazon Security, it’s in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.Training & Career GrowthWe’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.Work/Life BalanceWe value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why flexible work hours and arrangements are part of our culture. When we feel supported in the workplace and at home, there’s nothing we can’t achieve.- MS in Computer Science or related field, or equivalent work experience- Minimum of 5 years of experience with any combination of the following: mobile security, threat modeling experience, secure coding, identity management and authentication, software development, cryptography, system administration and network security- Minimum of 5 years of experience with security engineering, system and network security, authentication and security protocols, cryptography, application, database, or storage security- Experience implementing security solutions at the business division level- An understanding of network and web related protocols (such as, TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols) Experience with multiple programming languages (such as, Java, C++, Ruby, Python, Perl, etc.)- Excellent written and verbal communication skills- Demonstrable teamwork skills and resourcefulness- Possess self-drive to keep moving things forward even in the face of ambiguity and imperfect knowledge (avoid “analysis paralysis”)- Strong sense of ownership, urgency, and drive.Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status.Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit for more information. If the country/region you’re applying in isn’t listed, please contact your Recruiting Partner.Our compensation reflects the cost of labor across several US geographic markets. The base pay for this position ranges from $143,300/year in our lowest geographic market up to $247,600/year in our highest geographic market. Pay is based on a number of factors including market location and may vary depending on job-related knowledge, skills, and experience. Amazon is a total compensation company. Dependent on the position offered, equity, sign-on payments, and other forms of compensation may be provided as part of a total compensation package, in addition to a full range of medical, financial, and/or other benefits. For more information, please visit This position will remain posted until filled. Applicants should apply via our internal or external career site.

Security Engineer II, Application Security Automation

As a member of the Application Security Automation team, you will help provide automated security testing (SAST/DAST) solutions for all of Amazon. Our team’s goal is to empower both development and security teams with accurate security detections at the highest standards of quality in order to identify and eliminate risk across Amazon’s application portfolio. You will be responsible for performing security assessments and delivering new security detection rules to enhance our existing testing capabilities. This role will routinely challenge your technical background and critical thinking. You will be expected to collaborate with our team’s stakeholders in a fast-paced environment across many technology stacks and services to deliver scalable solutions.Key job responsibilities- Develop, curate, and improve application security detections (static and dynamic) to identify vulnerabilities at scale- Evaluate and recommend new security testing tools- Perform static and dynamic application security assessments to ensure the highest quality standard for our detection rule sets- Risk assessment and Threat Modeling- Develop, enhance, and interpret security standards and guidance- Demonstrate and promote security best practices, drive improvements of Amazon’s overall security architectureAbout the teamDiverse ExperiencesAmazon Security values diverse experiences. Even if you do not meet all of the preferred qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying. Why Amazon Security At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon’s products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.Work/Life Balance We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why we strive for flexibility as part of our working culture. When we feel supported in the workplace and at home, there’s nothing we can’t achieve. Inclusive Team Culture In Amazon Security, it’s in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.- 3+ years of any combination of the following: threat modeling experience, secure coding, identity management and authentication, software development, cryptography, system administration and network security experience- Bachelor's degree in computer science or equivalent- Knowledge of networking protocols such as HTTP, DNS and TCP/IP- Experience with programming languages such as Python, Java, C++Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit compensation reflects the cost of labor across several US geographic markets. The base pay for this position ranges from $136,000/year in our lowest geographic market up to $212,800/year in our highest geographic market. Pay is based on a number of factors including market location and may vary depending on job-related knowledge, skills, and experience. Amazon is a total compensation company. Dependent on the position offered, equity, sign-on payments, and other forms of compensation may be provided as part of a total compensation package, in addition to a full range of medical, financial, and/or other benefits. For more information, please visit This position will remain posted until filled. Applicants should apply via our internal or external career site.

Manager - AWS Application Security, AWS Proactive Security

Cloud security is our highest priority at AWS. As an AWS customer, you benefit from an environment built to meet the requirements of the most security-sensitive organizations. As an AWS Security team member, you will help secure that environment for our customers while working on cutting edge security products for a variety of platforms and technologies, all operating at massive scale. We are looking for an experienced security leader to join the AWS AppSec team. As a security leader, you will own building and managing a team of security engineers and leaders, fostering a strong team culture. You and your team will be responsible for reviewing and testing our new services before release, partnering closely with our development teams to produce innovative and secure solutions. We are looking for a leader that is highly passionate about the potential of cloud computing and building a high performing security team. Security Managers at Amazon have a track record of delivering high quality technology products and services in a hyper-growth environment where priorities shift quickly. You should know how to prioritize, communicate clearly and compellingly, and understand how to drive a high level of focus and excellence with a strong team. AWS in general, and AppSec in particular, operates at very large scale and demands high standards, so a passion and discipline around security and delivery is critical. A high level of ownership and accountability is a must. About the teamAbout Amazon SecurityDiverse ExperiencesAmazon Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.Why Amazon Security?At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon’s products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.Inclusive Team CultureIn Amazon Security, it’s in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.Training & Career GrowthWe’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.Work/Life BalanceWe value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why flexible work hours and arrangements are part of our culture. When we feel supported in the workplace and at home, there’s nothing we can’t achieve.- 5+ years of experience leading, managing & developing high performance security teams such as Application Security, Security Assurance, Red Teams- 7+ years of experience within a software security team or similar operating environment- Hands-on knowledge of information security technologies such as security design review, threat modeling, risk analysis, and software testing techniques- BA/BS in computer science, information security, related discipline, or equivalent work experience- Experience in Identity frameworks, standards- Experience of working in cloud technologies- MA/MS in computer science/related field- Information security professional certifications encouraged (SANS GIAC, CISSP etc.)- Excellent written communication skills, with a focus on translating technically complex issues into simple, easy to understand conceptsAmazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status.Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit for more information. If the country/region you’re applying in isn’t listed, please contact your Recruiting Partner.Our compensation reflects the cost of labor across several US geographic markets. The base pay for this position ranges from $157,600/year in our lowest geographic market up to $272,400/year in our highest geographic market. Pay is based on a number of factors including market location and may vary depending on job-related knowledge, skills, and experience. Amazon is a total compensation company. Dependent on the position offered, equity, sign-on payments, and other forms of compensation may be provided as part of a total compensation package, in addition to a full range of medical, financial, and/or other benefits. For more information, please visit This position will remain posted until filled. Applicants should apply via our internal or external career site.

Threat Intelligence Engineer, Stores Threat Operations, Research, & Monitoring (STORM)

Are you ready to dive deep and be customer obsessed in the world of cybersecurity? Come join Amazon's Stores Threat Operations, Research, & Monitoring (STORM) team! At Amazon, we're looking for builders who can invent and simplify in the face of complex cyber threats. As a Threat Intelligence Engineer on our STORM team, you'll be an explorer identifying threats to our vast ecosystem. You'll bridge the gap between our red and blue teams, delivering timely, relevant, and insightful intelligence to help us understand and navigate our threat landscape. Key job responsibilities- Architect and Innovate in our threat intelligence platform, leveraging cutting-edge technologies to automate data ingestion, analysis, and dissemination- Develop and maintain complex algorithms for threat actor profiling and infrastructure tracking- Invent and Implement advanced analytics to identify emerging threats, vulnerabilities, and malware across diverse data sources- Engineer custom integrations between our threat intelligence platform and other security tools, enhancing our detection and response capabilities- Apply machine learning and data mining techniques to extract meaningful patterns from large-scale threat data sets- Develop and optimize queries across multiple databases and intelligence sources to correlate disparate threat indicators- Create scalable scripts and tools to automate the enrichment and contextualization of technical indicators (IOCs) - Conduct in-depth technical analysis of adversary tactics, techniques, and procedures (TTPs) using industry-standard frameworks- Develop custom dashboards and visualizations to effectively communicate technical threat data to both technical and non-technical stakeholders About the teamAbout Amazon SecurityDiverse ExperiencesAmazon Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.Why Amazon Security?At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon’s products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.Inclusive Team CultureIn Amazon Security, it’s in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.Training & Career GrowthWe’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.Work/Life BalanceWe value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why flexible work hours and arrangements are part of our culture. When we feel supported in the workplace and at home, there’s nothing we can’t achieve.- 5+ years of experience crafting threat analysis products- Bachelor's degree in computer science or equivalent- 3+ years of programming in Python, Ruby, Go, Swift, Java, .Net, C++ or similar object oriented language experience- Proficiency with threat frameworks (e.g., MITRE ATT&CK, Cyber Kill Chain etc)- Background in Intelligence Analysis- 2+ years of any combination of the following: threat modeling experience, secure coding, identity management and authentication, software development, cryptography, system administration and network security experience- Knowledge of system security vulnerabilities and remediation techniques, including penetration testing and the development of exploits or equivalent- Advanced degree in intelligence, cybersecurity or computer scienceAmazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit Angeles County applicants: Job duties for this position include: work safely and cooperatively with other employees, supervisors, and staff; adhere to standards of excellence despite stressful conditions; communicate effectively and respectfully with employees, supervisors, and staff to ensure exceptional customer service; and follow all federal, state, and local laws and Company policies. Criminal history may have a direct, adverse, and negative relationship with some of the material job duties of this position. These include the duties and responsibilities listed above, as well as the abilities to adhere to company policies, exercise sound judgment, effectively manage stress and work safely and respectfully with others, exhibit trustworthiness and professionalism, and safeguard business operations and the Company’s reputation. Pursuant to the Los Angeles County Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.Our compensation reflects the cost of labor across several US geographic markets. The base pay for this position ranges from $136,000/year in our lowest geographic market up to $212,800/year in our highest geographic market. Pay is based on a number of factors including market location and may vary depending on job-related knowledge, skills, and experience. Amazon is a total compensation company. Dependent on the position offered, equity, sign-on payments, and other forms of compensation may be provided as part of a total compensation package, in addition to a full range of medical, financial, and/or other benefits. For more information, please visit This position will remain posted until filled. Applicants should apply via our internal or external career site.

Threat Research Analyst, Global Services Security - Customer Incident Response Team

Do you want to work on planetary scale incident response solutions in the cloud? Are you skilled at performing threat research and helping disseminate actionable intelligence to customers? Are you excited to help incident response teams by giving them unprecedented capability and agility? As a member of the Customer Incident Response Team (CIRT in the AWS Global Services Security organization, you will have the opportunity to apply your problem-solving and intelligence analysis skills to help customers respond to security incidents and increase the efficiency and productivity of AWS internal service teams. You will combine contextual knowledge with your analytical skills to gather information and monitor, assess, and report on risks that could affect external AWS customers. You'll also collaborate with internal AWS service teams to help develop new features, innovate with cutting-edge technologies, and explore new challenges...The Global Services Security team, a part of Amazon Web Services (AWS), leverages the expertise and ingenuity of our builders to establish scalable security solutions for both internal and external customers that drive business outcomes. Our goal of securing the world’s workloads and building a brighter future for humanity requires us to focus on reliable delivery of bar raising security outcomes and investment in security mechanisms and automation on behalf of our customersAWS Sales, Marketing, and Global Services (SMGS) is responsible for driving revenue, adoption, and growth from the largest and fastest growing small- and mid-market accounts to enterprise-level customers including public sector. The AWS Global Support team interacts with leading companies and believes that world-class support is critical to customer success. Key job responsibilities* Monitor networks, systems, and applications for security threats and anomalies * Analyze large datasets, logs, packet captures, and other data to detect patterns indicative of cyber threats* Research and analyze information from open source intelligence, social media, dark web forums, etc. to identify emerging cyber threats* Write comprehensive cyber threat reports and briefings to communicate threats, risks, and mitigation strategies to key stakeholders* Maintain up-to-date knowledge and understanding of threat actor groups, new attack techniques, malware variants, and other cybersecurity trends* Enrich threat data with additional context and insights to improve detection and response capabilities * Collaborate with security engineers to develop indicators of compromise and threat intelligence to enhance security monitoring capabilities* Collaborate with security engineers to develop indicators of compromise and threat intelligence to enhance security monitoring capabilities - Make recommendations for improving organizational security measures and policies based on current threat intelligence -* Automate the collection and processing of threat intelligence from multiple sources to enable real-time detection and analysis.* Make recommendations for improving organizational security measures and policies based on current threat intelligence* Automate the collection and processing of threat intelligence from multiple sources to enable real-time detection and analysis* Present cyber threat briefings to executives and technology leaders to convey cyber risks and influence strategic security decisions* Establish relationships with industry peers, law enforcement, government agencies and other partners to share cyber threat intelligence * Establish relationships with industry peers, law enforcement, government agencies and other partners to share cyber threat intelligence About the teamDiverse ExperiencesAWS values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying. About AWSAmazon Web Services (AWS) is the world’s most comprehensive and broadly adopted cloud platform. We pioneered cloud computing and never stopped innovating — that’s why customers from the most successful startups to Global 500 companies trust our robust suite of products and services to power their businesses.Inclusive Team CultureHere at AWS, it’s in our nature to learn and be curious. Our employee-led affinity groups foster a culture of inclusion that empower us to be proud of our differences. Ongoing events and learning experiences, including our Conversations on Race and Ethnicity (CORE) and AmazeCon (gender diversity) conferences, inspire us to never stop embracing our uniqueness.Work/Life BalanceWe value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why flexible work hours and arrangements are part of our culture. When we feel supported in the workplace and at home, there’s nothing we can’t achieve in the cloud. Mentorship & Career GrowthWe’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, mentorship and other career-advancing resources here to help you develop into a better-rounded professional. Hybrid WorkWe value innovation and recognize this sometimes requires uninterrupted time to focus on a build. We also value in-person collaboration and time spent face-to-face. Our team affords engineers options to work in the office every day or in a flexible, hybrid work model near one of our US Amazon offices. Our hybrid models allow you the freedom to work from home whenever in-office collaboration isn’t necessary.- 1+ years of experience building/operating on the AWS platform- 2+ years of experience in technical IT security or related job role- 2+ years of experience performing threat analysis- Experience scripting with Python, Perl, Bash or PowerShell- Hands-on technical experience in building scripts, tools, or methodologies that enhance customers’ threat detection and incident response capabilities.- Experience in operating security solutions, such as WAF, IPS, Anti-DDoS, or SIEM.- Experience managing a security event, including managing customer expectations and delivering results.- Knowledge of incident response workflows and processes; GIAC Cyber Threat Intelligence (GCTI)Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status.Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit for more information. If the country/region you’re applying in isn’t listed, please contact your Recruiting Partner.

Product Security Engineer, Payments Security - Core Security Services

Amazon Payments processes millions of transactions every day across numerous countries and payment methods. Over 100 million customers and merchants send tens of billions of dollars through our systems annually. We are re-inventing the vision of our platform to provide our internal and external clients the best payment gateway service, benchmarked against the top external alternatives. Paramount to our success is ensuring that customer data is secure across Amazon Payments products and services. At the Payments Proactive Security Team, we are influencing the internal Payments ecosystem to pursue best security practices as well as driving the improvement of product security at scale by leveraging the automated solution and feedback loop mechanism established internally.A Security Engineer in Amazon will be strong in multiple security domains and sought out for advice on technical issues. Efficient time management skills are required along with the ability to deliver results in the face of uncertainty. Engineers in this role must show exemplary judgment in making technical trade-offs between short versus long term security and business goals. They must also demonstrate resilience and navigate difficult situations with composure and tact. The successful candidate must be one that can handle several difficult challenges and problems, can make risk-based assessments founded on data and facts. Additionally, the successful candidate will be: - Methodically empirical and experimental in approach and evaluation without being bound by over paralysis-by-analysis;- Work ceaselessly to improve knowledge of the security field, threat landscape, security intelligence, moving proactively toward prevention and detection of threats;- Be an enthusiastic learner and curiosity seeker, focusing on what can be done rather than hindered by notions of what cannot be;- Possess effective verbal and written communication skills, be passionate about sharing knowledge, tactics, strategy, as well as advocating for the project mission;- Have excellent time management skills along with the ability to deliver results in the face of uncertainty; and- Evangelize security within Amazon.com and be an advocate for customer trust.A successful candidate will be a deeply curious individual who brings technical expertise, and ability to work within a fast-paced startup culture in a large company that has broad business impact. This is a unique opportunity to start with Amazon Payments and innovating and scaling security to protect customer trust.Key job responsibilities- Work closely with service teams to identify threats and vulnerabilities throughout Software Development Life Cycle and provide guidance on mitigating the issues. - Identify and prioritize security problems that can be detected using automation.- Develop detection prototypes for these security problems to enhance our tool-set for static and dynamic analysis.- Work with builders and service teams to address detected security problems in an appropriate and timely fashion.- Identify opportunities to prevent security problems at scale.- Develop prototypes to prevent these security problems.- Document and provide security guidance that will be used across Amazon Payments. - Deliver metrics to show effectiveness of our security initiatives.About the teamThe Amazon Payments Core Security team's mission is to build mechanisms that help prevent security issues from affecting Amazon's Payment Applications. A security engineer in Payments Core Security team will work closely with application developers, evangelize security and build scalable vulnerability detection mechanisms that help secure our most critical applications. Diverse ExperiencesAmazon Security values diverse experiences. Even if you do not meet all of the preferred qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying. Why Amazon Security At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon’s products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.Work/Life Balance We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why we strive for flexibility as part of our working culture. When we feel supported in the workplace and at home, there’s nothing we can’t achieve. Inclusive Team Culture In Amazon Security, it’s in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.Training and Career growthWe’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional. - Bachelor's degree in computer science or equivalent- 3+ years of programming in Python, Ruby, Go, Swift, Java, .Net, C++ or similar object oriented language experience- 3+ years experience with security analysis on cloud services, especially server-less and authentication services.- 2 + years experience using data analysis tools and technologies, such as SQL, Jupyter, R, Python.- 3+ years experience with active attacks / live scenarios / applied computer security.- 3+ years of any combination of the following: threat modeling experience, secure coding, identity management and authentication, software development, cryptography, system administration and network security experience- 3+ years with cloud technologies (AWS preferred, Azure, Google Cloud, etc).- Masters degree in mathematics, computer science, or related engineering disciplines.- Familiarity with host and network log analysis.- Standing relationships with global associations relevant to the position.- Knowledge and experience with hunting utilizing TTPs (Tactics, Techniques and Procedures).- Experience with security architecture, system architecture, threat modeling, incident handling/response, reverse engineering, malware analysis, adversary methodologies, and/or threat intelligence.- Possess a strong understanding of common enterprise technologies. Extensive knowledge of computing security issues and threat vectors.Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status.Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit for more information. If the country/region you’re applying in isn’t listed, please contact your Recruiting Partner.Our compensation reflects the cost of labor across several US geographic markets. The base pay for this position ranges from $136,000/year in our lowest geographic market up to $212,800/year in our highest geographic market. Pay is based on a number of factors including market location and may vary depending on job-related knowledge, skills, and experience. Amazon is a total compensation company. Dependent on the position offered, equity, sign-on payments, and other forms of compensation may be provided as part of a total compensation package, in addition to a full range of medical, financial, and/or other benefits. For more information, please visit This position will remain posted until filled. Applicants should apply via our internal or external career site.

Application Security Engineer, SHINE - Security Hub for Innovation and Efficiency

Help us protect not only the Amazon Web Services (AWS) cloud computing environment but all of our customers as well! Since 2006, our great team at AWS has been enabling our customers to bring great ideas to life in ways that aren’t possible in traditional IT environments. With AWS you can flexibly harness compute, storage, security, and other services from across the globe as your business demands them. AWS Security is on the cutting edge of many security issues for a wide variety of platforms and technologies including cloud services, Internet of things (IoT), identity and access management, mobile devices, virtualization, AI and Robotics and custom hardware, all operating at massive scale. Similarly, our highly collaborative team is committed to each team member’s growth as our business grows. AWS Security is looking for an Application Security Engineer to help validate that our services, applications, and websites are designed and implemented to the highest security standards. You will be responsible for analyzing the security of applications and services, discovering and addressing security issues, building security automation, and quickly reacting to new threat scenarios. You will work with Amazon builders to create secure-by-default solutions. You will have the opportunity to learn from, and be mentored by, those who are building and securing our cutting-edge services. A Security Engineer at Amazon is expected to be strong in multiple domains and provide significant contributions to the AWS IT Security team and to multiple groups throughout Amazon. Security engineers are expected to develop elegant solutions to complex business problems and apply appropriate technologies while following security engineering best practices. You are also expected to mentor more junior engineers and be a security thought leader for the organization. A Security Engineer must foster constructive dialogue and seek resolution when confronted with discordant views. Engineers in this role are expected to participate fully in the planning of the AWS IT Security team's work and constantly seek opportunities for process improvement. They should also have a deep understanding of at least one specialty for which they are a sought out resource (both within AWS IT Security and by groups throughout Amazon), while having an understanding of the application of Information Security in a broad range of technical areas. A successful candidate will need a combination of troubleshooting, technical, and communication skills, as well as the ability to handle a mix of disparate tasks which may include project and software development work. This role will provide career growth opportunities as you gain new security skills in the course of your duties. Key job responsibilitiesThis role will work closely with Amazon builders and AWS technology to define what processes we can make secure by default and how we'd implement. This position will work with a variety of builders and get an opportunity to dive deep into problems to address efficiencies across the builder-security feedback loop.- Design secure-by-default solutions- Projects and research work as needed- Security training and outreach to internal development teams- Security guidance documentation- Security tool development- Security metrics delivery and improvementsA day in the lifeThe SHINE team is a small group of engineers focused on improving the lives of AWS builders and security engineers alike by providing innovate and efficient solutions to shorten the security review process. We have the opportunity to have organizational impact and the mandate to do it. A new team member can expect to iterate quickly, to try and experiment often, while not being afraid to fail fast when needed to work on the next item.About the teamDiverse ExperiencesAmazon Security values diverse experiences. Even if you do not meet all of the preferred qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying. Why Amazon Security At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon’s products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.Work/Life Balance We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why flexible work hours and arrangements are part of our culture. When we feel supported in the workplace and at home, there’s nothing we can’t achieve. Inclusive Team Culture In Amazon Security, it’s in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.Training and Career growthWe’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional. - 3+ years of any combination of the following: threat modeling experience, secure coding, identity management and authentication, software development, cryptography, system administration and network security experience- Experience with AWS products and services- Experience with programming languages such as Python, Java, C++Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status.Los Angeles County applicants: Job duties for this position include: work safely and cooperatively with other employees, supervisors, and staff; adhere to standards of excellence despite stressful conditions; communicate effectively and respectfully with employees, supervisors, and staff to ensure exceptional customer service; and follow all federal, state, and local laws and Company policies. Criminal history may have a direct, adverse, and negative relationship with some of the material job duties of this position. These include the duties and responsibilities listed above, as well as the abilities to adhere to company policies, exercise sound judgment, effectively manage stress and work safely and respectfully with others, exhibit trustworthiness and professionalism, and safeguard business operations and the Company’s reputation. Pursuant to the Los Angeles County Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit for more information. If the country/region you’re applying in isn’t listed, please contact your Recruiting Partner.Our compensation reflects the cost of labor across several US geographic markets. The base pay for this position ranges from $136,000/year in our lowest geographic market up to $212,800/year in our highest geographic market. Pay is based on a number of factors including market location and may vary depending on job-related knowledge, skills, and experience. Amazon is a total compensation company. Dependent on the position offered, equity, sign-on payments, and other forms of compensation may be provided as part of a total compensation package, in addition to a full range of medical, financial, and/or other benefits. For more information, please visit This position will remain posted until filled. Applicants should apply via our internal or external career site.

AWS Sr Application Security Engineer, AppSec -EC2

Help us protect not only the Amazon Web Services (AWS) cloud computing environment but all of our customers as well! Since 2006, our great team at AWS has been enabling our customers to bring great ideas to life in ways that aren’t possible in traditional IT environments. With AWS you can flexibly harness compute, storage, security, and other services from across the globe as your business demands them. AWS Security is on the cutting edge of many security issues for a wide variety of platforms and technologies including cloud services, Internet of things (IoT), identity and access management, mobile devices, virtualization and custom hardware, all operating at massive scale. Similarly, our highly collaborative team is committed to each team member’s growth as our business grows. AWS Security is looking for an Application Security Engineer to help validate that our services, applications, and websites are designed and implemented to the highest security standards. You will be responsible for analyzing the security of applications and services, discovering and addressing security issues, building security automation, and quickly reacting to new threat scenarios. You will have the opportunity to learn from, and be mentored by, those who are building and securing our cutting-edge services. A Security Engineer at Amazon is expected to be strong in multiple domains and provide significant contributions to the AWS IT Security team and to multiple groups throughout Amazon. Security engineers are expected to develop elegant solutions to complex business problems and apply appropriate technologies while following security engineering best practices. You are also expected to mentor more junior engineers and be a security thought leader for the organization. A Security Engineer must foster constructive dialogue and seek resolution when confronted with discordant views. Engineers in this role are expected to participate fully in the planning of the AWS IT Security team's work and constantly seek opportunities for process improvement. They should also have a deep understanding of at least one specialty for which they are a sought out resource (both within AWS IT Security and by groups throughout Amazon), while having an understanding of the application of Information Security in a broad range of technical areas. You will have the combination of troubleshooting, technical, and communication skills, as well as the ability to handle a mix of disparate tasks which may include project and software development work. This role will provide career growth opportunities as you gain new security skills in the course of your duties. Key job responsibilities• Application security reviews • Mobile security reviews • Secure architecture design • Threat modeling • Projects and research work as needed • Security training and outreach to internal development teams • Security guidance documentation • Security tool development • Security metrics delivery and improvements • Assistance with recruiting activities and administrative workAbout the teamAbout Amazon SecurityDiverse ExperiencesAmazon Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.Why Amazon Security?At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon’s products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.Inclusive Team CultureIn Amazon Security, it’s in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.Training & Career GrowthWe’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.Work/Life BalanceWe value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why flexible work hours and arrangements are part of our culture. When we feel supported in the workplace and at home, there’s nothing we can’t achieve.- BS (or higher) in Computer Science or related field, or equivalent work experience.- 5+ years of experience in application security with any combination of the following: threat modeling experience, secure design reviews, code reviews, pen-testing- Expertise in multiple security domains such as identity management and authentication, cryptography, networking, web protocols- Experience with AWS products and services- Experience with programming languages such as Python, Java, C++Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status.Los Angeles County applicants: Job duties for this position include: work safely and cooperatively with other employees, supervisors, and staff; adhere to standards of excellence despite stressful conditions; communicate effectively and respectfully with employees, supervisors, and staff to ensure exceptional customer service; and follow all federal, state, and local laws and Company policies. Criminal history may have a direct, adverse, and negative relationship with some of the material job duties of this position. These include the duties and responsibilities listed above, as well as the abilities to adhere to company policies, exercise sound judgment, effectively manage stress and work safely and respectfully with others, exhibit trustworthiness and professionalism, and safeguard business operations and the Company’s reputation. Pursuant to the Los Angeles County Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit for more information. If the country/region you’re applying in isn’t listed, please contact your Recruiting Partner.Our compensation reflects the cost of labor across several US geographic markets. The base pay for this position ranges from $143,300/year in our lowest geographic market up to $247,600/year in our highest geographic market. Pay is based on a number of factors including market location and may vary depending on job-related knowledge, skills, and experience. Amazon is a total compensation company. Dependent on the position offered, equity, sign-on payments, and other forms of compensation may be provided as part of a total compensation package, in addition to a full range of medical, financial, and/or other benefits. For more information, please visit This position will remain posted until filled. Applicants should apply via our internal or external career site.

Security Engineer, Bug Bounty

Amazon’s Bug Bounty team is growing and is seeking a security engineer to join the team. This individual will be working with customers and Amazon teams to secure Amazon’s public facing services, applications, and websites. In this role, you will be part of a team of skilled individuals and work to solicit the identification of vulnerabilities from Customers and security researchers. You will be responsible for ensuring vulnerabilities are remediated with urgency by partnering with service teams, ensuring what is learned through disclosure and mitigation improves the security of Amazon’s software development life-cycle. This role will provide you with challenging technical opportunities and the chance to grow Amazon’s Bug Bounty Program into the best on planet Earth.You will be in direct contact with teams in a variety of business verticals, giving you first hand knowledge about how Amazon is built and how it operates at a deep, technical level. Additionally, you will leverage the knowledge you gain about Amazon to find new ways to drive improvements to Customer relationships, services, processes, and technologies throughout the company, with the ultimate goal of ensuring the continued safety and security of our Customers.As a security engineer, you will use your influence and technical skills to continually lead the direction and evolution of the Bug Bounty Program and collaboration with Customers and security researchers in order to maintain and raise Amazon’s high security bar. You’ll be backed up by a team of highly-skilled security engineers all working with a singular focus of maintaining Customer trust. You must demonstrate resilience and navigate ambiguous situations with composure and tact. Above all else, a strong sense of Customer Obsession is necessary to focus on the ultimate goal of keeping Amazon and its Customers secure with the highest priority.Key job responsibilities* Participate in an on-call rotation that includes your peers on the team* Participate in a weekend rotation that includes your peers on the team* Coordinate security incident response and vulnerability management activities with service teams to do the right thing for our Customers and the business* Evaluate the potential and/or realized impact of security incidents and work with service teams to mitigate risks* Serve as an escalation point and subject matter expert in incident response, engineering operations, and team triage activities as part of day to day operations* Tactically drive initiatives by influencing key stakeholders and partnering with security and business teams throughout Amazon* Drive improvements to the team’s programs and processes* Write and deliver high-quality documents for technical and non-technical audiences* Manage relationships with Customers and security researchersAbout the teamAbout Amazon Security:Diverse ExperiencesAmazon Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.Why Amazon Security?At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon’s products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.Inclusive Team CultureIn Amazon Security, it’s in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.Training & Career GrowthWe’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.Work/Life BalanceWe value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why we strive for flexibility as part of our working culture. When we feel supported in the workplace and at home, there’s nothing we can’t achieve.- Bachelor's degree in computer science or equivalent- Knowledge of system security vulnerabilities and remediation techniques, including penetration testing and the development of exploits or equivalent- Experience applying threat modeling or other risk identification techniques or equivalent- 3+ years experience in application security, incident response, or vulnerability management roles- 3+ years of any combination of the following: threat modeling experience, secure coding, identity management and authentication, software development, cryptography, system administration and network security experience- Experience implementing security solutions at the business division level or equivalent- Experience with AWS products and services- Ability to take ownership, self-motivate, and deliver results in highly ambiguous environmentsAmazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status.Los Angeles County applicants: Job duties for this position include: work safely and cooperatively with other employees, supervisors, and staff; adhere to standards of excellence despite stressful conditions; communicate effectively and respectfully with employees, supervisors, and staff to ensure exceptional customer service; and follow all federal, state, and local laws and Company policies. Criminal history may have a direct, adverse, and negative relationship with some of the material job duties of this position. These include the duties and responsibilities listed above, as well as the abilities to adhere to company policies, exercise sound judgment, effectively manage stress and work safely and respectfully with others, exhibit trustworthiness and professionalism, and safeguard business operations and the Company’s reputation. Pursuant to the Los Angeles County Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit for more information. If the country/region you’re applying in isn’t listed, please contact your Recruiting Partner.Our compensation reflects the cost of labor across several US geographic markets. The base pay for this position ranges from $136,000/year in our lowest geographic market up to $212,800/year in our highest geographic market. Pay is based on a number of factors including market location and may vary depending on job-related knowledge, skills, and experience. Amazon is a total compensation company. Dependent on the position offered, equity, sign-on payments, and other forms of compensation may be provided as part of a total compensation package, in addition to a full range of medical, financial, and/or other benefits. For more information, please visit This position will remain posted until filled. Applicants should apply via our internal or external career site.

Sr. Security Engineer, AWS Center for Quantum Computing

The Amazon Web Services (AWS) Center for Quantum Computing (CQC) in Pasadena, CA, is seeking a Security Engineer who will design and oversee the security operations of a growing research and development (R&D) effort. This role requires some on site activity, roughly 1 to 2 times per week.As a security expert, you will own the completion of a threat model and security plan for our research spaces and will lead an array of projects and security initiatives/activities designed to protect your fellow Amazonians, R&D facilities, and critical cloud infrastructure from all categories of threats. You will define, document, and educate policies/workflows for our labs, which span across academic, corporate, and industrial spaces. You obsess over internal and external customers and successfully deliver support and services in a fast-paced environment where priorities shift quickly. You are also independent and can manage program security projects under minimal supervision, continuously triage and prioritize accordingly, communicate clearly, think outside the box, and deliver exceptional results. By delivering a highly secure yet flexible R&D environment, successful candidates will enable a team of scientists and engineers to secure quantum technologies for our global AWS customer base.Additional responsibilities include:Work with internal stakeholders, academic and corporate partners to meet or exceed Amazon security barUnderstand software lifecycle on scientific equipment and mitigate physical and logical risksPerform periodic reviews of software baselines and network activityManage security reviews of internally used, external-facing, or third-party applicationsCreate and maintain detailed inventories of sensitive hardware and softwareWith the help of other security engineers at AWS, audit equipment and software before commissioning in a development or production environmentAbout the teamExport Control Requirement: Due to applicable export control laws and regulations, candidates must either be a U.S. citizen or national, U.S. permanent resident (i.e., current Green Card holder), or lawfully admitted into the U.S. as a refugee or granted asylum, or be able to obtain a US export license.About AWSDiverse ExperiencesAWS values diverse experiences. Even if you do not meet all of the preferred qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying. Why AWS?Amazon Web Services (AWS) is the world’s most comprehensive and broadly adopted cloud platform. We pioneered cloud computing and never stopped innovating — that’s why customers from the most successful startups to Global 500 companies trust our robust suite of products and services to power their businesses.Inclusive Team CultureHere at AWS, it’s in our nature to learn and be curious. Our employee-led affinity groups foster a culture of inclusion that empower us to be proud of our differences. Ongoing events and learning experiences, including our Conversations on Race and Ethnicity (CORE) and AmazeCon (gender diversity) conferences, inspire us to never stop embracing our uniqueness.Mentorship & Career GrowthWe’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, mentorship and other career-advancing resources here to help you develop into a better-rounded professional. Work/Life BalanceWe value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why we strive for flexibility as part of our working culture. When we feel supported in the workplace and at home, there’s nothing we can’t achieve in the cloud. This team is part of AWS Utility Computing: Utility Computing (UC) AWS Utility Computing (UC) provides product innovations — from foundational services such as Amazon’s Simple Storage Service (S3) and Amazon Elastic Compute Cloud (EC2), to consistently released new product innovations that continue to set AWS’s services and features apart in the industry. As a member of the UC organization, you’ll support the development and management of Compute, Database, Storage, Internet of Things (Iot), Platform, and Productivity Apps services in AWS, including support for customers who require specialized security solutions for their cloud services.- 5+ years relevant security engineering work experience, or a Bachelor’s degree in one of the following degree programs: Cybersecurity, Computer Science/Engineering, Electrical Engineering, Informatics, or related academic degrees- 5+ years of professional work experience as a security expert in one or more of these areas: security engineering, scientific research, engineering research and development- Hands-on experience with security lifecycle activities including threat modeling, risk analysis, design review, and testing- Strong understanding of adversary TTPs and experience with threat detection, response, and recovery- Interest in learning Quantum Technologies- Effective teacher and instructor, with experience developing and delivering training to security, technical, and business professionals; Ability to develop and deliver security awareness training programs- Excellent written communication skills, with a focus on translating technically complex security issues into simple, easy to understand concepts for business and technical leadership; Experience writing and publishing security standards- Ability to manage tactical (daily) operations and participate in development of strategic program plans- Understanding of crisis operations, risk management, and crisis communication- Understanding of business continuity and incident command system- Strong working knowledge of access control systems and physical security systems/components- Experience in providing security oversight at data centers or research lab environments/equivalentAmazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status.Los Angeles County applicants: Job duties for this position include: work safely and cooperatively with other employees, supervisors, and staff; adhere to standards of excellence despite stressful conditions; communicate effectively and respectfully with employees, supervisors, and staff to ensure exceptional customer service; and follow all federal, state, and local laws and Company policies. Criminal history may have a direct, adverse, and negative relationship with some of the material job duties of this position. These include the duties and responsibilities listed above, as well as the abilities to adhere to company policies, exercise sound judgment, effectively manage stress and work safely and respectfully with others, exhibit trustworthiness and professionalism, and safeguard business operations and the Company’s reputation. Pursuant to the Los Angeles County Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit for more information. If the country/region you’re applying in isn’t listed, please contact your Recruiting Partner.Our compensation reflects the cost of labor across several US geographic markets. The base pay for this position ranges from $143,300/year in our lowest geographic market up to $247,600/year in our highest geographic market. Pay is based on a number of factors including market location and may vary depending on job-related knowledge, skills, and experience. Amazon is a total compensation company. Dependent on the position offered, equity, sign-on payments, and other forms of compensation may be provided as part of a total compensation package, in addition to a full range of medical, financial, and/or other benefits. For more information, please visit This position will remain posted until filled. Applicants should apply via our internal or external career site.

Security Engineer, Amazon Security Lake

Are you passionate about securing the cloud? Do you enjoy creating products and services that delight customers? Are you experienced with large scale security data handling and operations? If so, then our team, Amazon Security Lake, has an exciting opportunity for you. We are looking for an experienced Security Engineer to help us support our customers. Security services are crucial for Amazon’s long-term success as a technology services company. It is the future of Amazon. We want you to be part of our team as we rapidly expand to meet our fast-growing needs.Job responsibilities include defining customer use cases and requirements, designing and prototyping security solutions, driving security value into software services, educating customers on product features and best practices, and educating stakeholders on best practices and standards. Successful candidates will be strong leaders who are well versed in customer SOC personas and tools, modern XDR, CNAPP, and SIEM solutions. Additionally, successful candidates will be excellent communicators, have a history of successful collaboration with development teams, and be experienced prototyping security software solutions.Our team also puts a high value on work-life balance. Striking a healthy balance between your personal and professional life is crucial to your happiness and success here, which is why we aren’t focused on how many hours you spend at work or online. Instead, we’re happy to offer a flexible schedule so you can have a more productive and well-balanced life—both in and outside of work. Our team is dedicated to supporting new members. We have a broad mix of experience levels and tenures, and we’re building an environment that celebrates knowledge sharing and mentorship. We care about your career growth and strive to assign projects based on what will help each team member develop into a better-rounded engineer and enable them to take on more complex tasks in the future. Here at AWS, we embrace our differences. We are committed to furthering our culture of inclusion. We have ten employee-led affinity groups, reaching 40,000 employees in over 190 chapters globally. We have innovative benefit offerings, and we host annual and ongoing learning experiences, including our Conversations on Race and Ethnicity (CORE) and AmazeCon (gender diversity) conferences. Amazon’s culture of inclusion is reinforced within our 14 Leadership Principles, which remind team members to seek diverse perspectives, learn and be curious, and earn trust.#ExternalSecurityServices A day in the lifeThis role has opportunity for major industry impact as a key team working with the Open Cybersecurity Schema Framework (OCSF) across both internal stakeholders and the external community. You'll have the autonomy to take a use case from requirements to open source github PR, back to prototype implementation, and on to production mapping. About the teamYou'll be joining a small, strong team focused on ensuring our customer security teams get the value they need from our security services. We work autonomously, but closely with each other and the wider service teams as a whole.- Bachelor's degree in computer science or equivalent- Knowledge of networking protocols such as HTTP, DNS and TCP/IP- 3+ years experience in security operations with a focus in data selection, processing, or normalization- Experience with AWS products and services- Experience with programming languages such as Python, Java, C++- Knowledge of the Open Cybersecurity Schema Framework (OCSF)- Experience building scalable solutions on AWS- Familiarity with AWS services and environments with knowledge of existing AWS logs sources- Deep knowledge in security data use cases, SIEM, and SOAR solutions- Technical experience with diverse log sources across Linux, Windows, Cloud, and Network- Excellent written and oral communication skillsAmazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit

We show restricted results, but there are more jobs available in our database, use Search to see them