Senior Security Engineer

Would you like to help implement innovative cloud computing solutions and solve the most complex technical problems? Are you excited by the prospect of helping to build and run the world's largest cloud computing infrastructure?

Amazon Web Services (AWS) builds and operates some of the largest internet infrastructure on the planet; providing companies of all sizes with an infrastructure web services platform in the cloud. With AWS, customers provision compute power, storage, database, and other cloud resources as their business demands them. To meet the growing demand for AWS Services around the globe, we need exceptionally motivated people who are driven by learning and innovation.

This is an opportunity to operate and engineer systems on a massive scale, and to gain world class experience in cloud computing. You'll be surrounded by people who are passionate about cloud computing, believe that first class service is critical to customer success, and are committed to improvement.

Top reasons to join our team

• Be a catalyst to deliver a truly disruptive products that are growing rapidly
• Influence and design distributed systems design at massive scale
• Lead technical road maps and innovation plans, both internally and with external customers and suppliers, with a focus on security architecture
• Mentor and coach engineering teams to provide direction, oversight and a clear path to secure architecture design and implementation

What does a Senior Security Engineer do at Amazon?

The Senior Security Engineer will be a hands-on leader who is able to combine deep security learnings with cloud technology to drive the program architectural roadmap. You will collaborate with our customers and suppliers to model security requirements against Amazons cloud capabilities. You will work closely with engineering teams, program management and senior stakeholders to translate requirements into achievable designs that raise the bar for Amazon. Once delivered, you will play a pivotal role in ensuring that across our program Amazon continually exceeds the high security bar that is expected by our customers.

As a security advocate you will be expected to function across Amazon teams ensuring that the strategic architecture is met across design, implementation, deployment and operation; playing a key role in defining the mechanisms that Amazon will use to validate how are services are meeting all the security operational controls.

Communication is an integral part of this role, and there is an expectation that you will engage with stakeholders on planning and communication of project deliverables. You may also be called upon to support operational integrity and, in the event of problems, be able to troubleshoot, research root cause, and contribute to thoroughly resolve defects whilst maintain ongoing communication with stakeholders and customers.

The Role

The role will be pivotal to the technical success of the program. You will operate at the confluence between the customer and the AWS, identifying, applying and evaluating secure design patterns across our cloud architecture.

You will be expected to own the secure design of AWS Cross Domain Services, lead threat modelling activities, define integrated cloud security architectures and support global engineering teams in realising the primary security patterns and ultimately your vision. Your time will be equally spent with our internal AWS stakeholder team, the service engineering teams and our external partners.
Specifically:

• You will be Amazon’s voice in technical security engagements, ensuring we continually obsess on customer needs, and building trust through clear and accurate architectural reviews and assessments
• You will direct and lead on changes that alter our threat models, evaluating our security posture and driving appropriate architectural mitigations across our services
• You will take the lead in reviewing designs, challenging patterns and principles, setting precedent and direction, and indexing on security whilst adhering to cloud best practices
• You will maintain the balance between achievability and affordability in our designs, ensuring the right stakeholders are informed and engaged every step of the way
• You will establish security requirements for cloud-based solutions by evaluating business strategies and requirements; implementing security standards such NCSC Security Principles, NIST CSF, FIPS, or CSA as appropriate

Inclusive Team Culture

Here at AWS, we embrace our differences. We are committed to furthering our culture of inclusion. We have ten employee-led affinity groups, reaching 40,000 employees in over 190 chapters globally. We have innovative benefit offerings, and we host annual and ongoing learning experiences, including our Conversations on Race and Ethnicity (CORE) and AmazeCon (gender diversity) conferences. Amazon’s culture of inclusion is reinforced within our 16 Leadership Principles, which remind team members to seek diverse perspectives, learn and be curious, and earn trust.

Work/Life Harmony

Our team also puts a high value on work-life harmony. Striking a healthy balance between your personal and professional life is crucial to your happiness and success here.

Mentorship & Career Growth

Our team is dedicated to supporting new members. We have a broad mix of experience levels and tenures, and we’re building an environment that celebrates knowledge sharing and mentorship. We care about your career growth and strive to assign projects based on what will help each team member develop into a better-rounded engineer and enable them to take on more complex tasks in the future.


Key job responsibilities

Basic Qualifications

• Experience leading the design, implementation and delivery of security for cloud native, distributed computing with a principle of “Secure by Design” and “Defence in Depth”
• Skilled in Threat Modelling and generating technical security requirements to support agile software development and product teams
• Knowledge of content filtering techniques, tokenization within sensitive data flows and cryptographic techniques
• Knowledge of physical and logical secure network design, UDP/TCP protocols and cloud topologies
• Experience writing technical documents, project plans and progress reports to leadership, stakeholders, engineers and customers
• Strong knowledge of Computer Science fundamentals, including; data structures, object-oriented programming, design and analysis of algorithms
• Proficient in at least one modern programming language such as Rust, Kotlin, GoLang, Java, C++, Python, C#, TypeScript etc used in the development of software solutions across complex production environments

Preferred Qualifications

• Knowledge of Cross Domain Solution architectures
• Experience in applying CISSP CBK domain controls to distributed systems (for example Security and Risk Management, Asset Security, Security Architecture and Engineering, Communication and Network Security, Identity and Access Management etc)
• Experience with common attack patterns and exploitation techniques. Ability to write fully functional exploits for common vulnerabilities such as simple stack overflow, cross-site scripting, or SQL injection
• Experience in managing information security events and incidents for large, sophisticated networks
• Ability to lead external security testing (ITHC, Penetration Testing, etc) of solutions on the public cloud (Azure, AWS, GCP), cloud native platforms (Docker, Kubernetes, etc.), and Software as a Service solutions


Amazon is an equal opportunities employer. We believe passionately that employing a diverse workforce is central to our success. We make recruiting decisions based on your experience and skills. We value your passion to discover, invent, simplify and build. Protecting your privacy and the security of your data is a longstanding top priority for Amazon. Please consult our Privacy Notice (https://www.amazon.jobs/en/privacy_page) to know more about how we collect, use and transfer the personal data of our candidates.

Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need an adjustment during the application and hiring process, including support for the interview or onboarding process, please contact the Applicant-Candidate Accommodation Team (ACAT), Monday through Friday from 7:00 am GMT - 4:00 pm GMT. If calling directly from the United Kingdom, please dial +44 800 086 9884 (tel:+448000869884). If calling from Ireland, please dial +353 1800 851 489 (tel:+3531800851489).