Sr. Security Engineer, AWS Security

Job summary
Come and join a creative, diverse, and collaborative team that is changing how we think about security! At Amazon Web Services (AWS), Security is our highest priority. AWS Security is responsible for driving innovative enhancements that raise the bar for how AWS builders interact with and understand the security facets for all their resources, systems, and data. We innovate, invent, and adapt to enable our customers to build secure services at AWS scale.

This role is open to alternative locations including: Seattle, WA – Herndon, VA – Arlington, VA – Denver, CO

Who we are: AWS Security is on the cutting edge of many security issues for a wide variety of platforms and technologies including cloud services, Internet of things (IoT), identity and access management, mobile devices, virtualization and custom hardware, all operating at massive scale. Our team drives large scale, long-term programs across all of AWS. We dive deep into questions about security, focusing on the really big initiatives that require new thinking and creative, innovative solutions. We work with engineers all over AWS, collaborating to deliver the right results for our customers. Our purpose is to define the innovative preventative, detective, and monitoring mechanisms to enable security at scale.

Who you are: You are a creative, collaborative leader who likes to be close to the details. You are someone who's excited about cloud security. You like to get inside technology, understanding how things work, when to make subtle change, and when to disrupt the status quo to achieve the right results. You’re someone who prioritizes effectively and often. You’re a catalyst, influencing positively across diverse teams to rally support for your initiatives. You dig in with technical teams to innovate and build solutions to meet goals. You’re adept at communicating about your designs, solutions, and some of the deeply technical security domains in ways that build trust with both engineers and business leaders.

Please note: this position requires that the candidate selected be a US Citizen and must currently possess an active Top Secret security clearance. The position further requires that, after start, the selected candidate obtain and maintain an active TS/SCI security clearance with polygraph and satisfy other security related requirements

The ideal candidate will embrace and inspire innovation, exercise strong judgment and negotiation skills, possess the ability to influence without authority, thrive in an entrepreneurial and fast-paced environment, and not be hindered by ambiguity or competing priorities.

If you meet these qualifications, exude passion, and enjoy the challenges of deploying highly technical and innovative programs at massive scale, this job is for you!

Key job responsibilities
What you will do: You'll leverage your experience with vulnerability management, containers, asset ownership, first and third party software management, and or secure infrastructure media, and/or network security to investigate, understand, develop, and support elegant solutions to complex security questions. You'll bring your high standards, applying the right technologies while following security engineering best practices. You will be a security thought leader for our team and AWS Security, owning a set of long term security outcomes. You're also someone who will be setting the bar high for your colleagues, serving as a mentor to your teammates.

Why you'll love it: We are working on really hard problems and moving very fast. You will be responsible for investigating, analyzing, and developing solutions for complex security questions. You'll have the chance to exercise your skills and knowledge in domains where you're expert and build your skills in domains where your curiosity is strong. You will have the opportunity to learn from, and be mentored by, those who are building and securing our cutting-edge services.

Please note: this position requires that the candidate selected be a US Citizen and must currently possess an active Top Secret security clearance. The position further requires that, after start, the selected candidate obtain and maintain an active TS/SCI security clearance with or without polygraph and satisfy other security related requirements


A day in the life
Every day is Day 1 at Amazon, so no day will be the same as any other. You'll be doing things like developing, processing, and analyzing data sets to investigate security areas of interest, working to design tools and security controls, supporting design reviews for developer tools to ensure that security objectives are met, and working across engineering teams at AWS to refine your plans and obtain buy-in to your solutions.



About the team
AWS Security works across AWS to identify threats and solutions to security challenges at scale. We want to continue to strengthen the security flywheel by delivering solutions and mechanisms that help our engineers build securely as simply as possible.

Our mission is to support and inspire every builder to make things as secure as they are innovative. Our charter is to drive Security Expectations to focus on the most critical security risks for the business. We will ensure each expectation is well understood, actionable, scalable, and supported by appropriate tooling.

Basic Qualifications

· Bachelor’s degree in Information Security, Computer Science, Risk Management, Engineering, Math, Statistics or related discipline, or 10+ years’ equivalent technology experience
· Current, active US Government Security Clearance of Top Secret or above
· 7 + years of experience in identifying security issues and risks, and developing mitigation plans
· 5+ years of project management experience and demonstrated knowledge of program management best practices
· 4+ years of experience in network, system, or software architecture; design, implementation, support, and evaluation of security-focused tools and services
· 4+ years of scripting or programming experience in Ruby, Python, Shell/BASH scripting, Java, C/C++, C*, Perl, or other languages
· 2+ years of experience in one or more of the following areas: cryptography, web and network protocols, data structures and algorithms, software development, threat modeling, pen tests, vulnerability management, security assurance, asset ownership, infrastructure security
· 2+ years of experience with engagement and working with security stakeholders

Preferred Qualifications

· Have a clear understanding of cloud computing services/deployment architecture
· Demonstrate innovative security approaches in non-traditional IT environments
· Have experience generating automated metrics to measure service and program effectiveness and consistency
· Have excellent written and verbal communication skills with the ability to present complex technical information in a clear and concise manner to a variety of audiences
· Have experience in the development of security products
· Demonstrable teamwork skills and resourcefulness
· Possess self-drive to keep moving things forward even in the face of ambiguity and imperfect knowledge (avoid “analysis paralysis”)
· Strong sense of ownership, urgency, and drive
· Sharp analytical abilities and proven design skills
· Experience defining cyber-secure architectures, design and development of asynchronous messaging platforms
· Knowledge of networking protocols and their implementations
· Strong knowledge of data structures, algorithms, asynchronous architectures and distributed algorithms
· Deep understanding of system performance tradeoffs, load balancing, and engineering for high availability
· Masters or PhD in Computer Science or Computer Security.
· Meets/exceeds Amazon’s leadership principles requirements for this role
· Meets/exceeds Amazon’s functional/technical depth and complexity for this role



Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit https://www.amazon.jobs/en/disability/us.