Sr. Security Engineer - AWS Commerce Platform

Do you love working with development teams to drive global security impact? The AWS Commerce Platform (CP) provides the back and front-end services that enable AWS customers to purchase AWS services and understand and manage their infrastructure costs. Our teams tackle some of the hardest scalability, performance, and distributed computing challenges in the world. We process trillions of events per month using stream processing techniques (Kinesis), process billions of line items via map reduce (EMR), and manage artifacts through the latest in database technologies (DynamoDB and Aurora). The AWS CP Security Team is responsible for driving innovative enhancements that raise the bar for how internal and external customers interact with cost and billing resources, systems, and data. At AWS' scale, we must invent new security tools and processes to enable system administrators and developers to build rapidly, while maintaining least privileged access. We are looking for a passionate, innovative, results-oriented security engineer to improve AWS CP's overall security posture.

As an AWS CP Security Engineer, you will work directly with software development teams and application security engineers to solve technical, process, and cultural security challenges. You will propose strategic and tactical security initiatives and lead them to completion. You will dive deep with development teams and tackle complex architecture and engineering challenges that require support from multiple stakeholders and potentially multi-year execution plans. You’ll think globally when building systems, ensuring AWS builds high performing, scalable, and secure systems that that delight our internal and external customers. You will translate business needs into workable technology solutions. Your expertise is deep and broad and you are capable of being hands-on as well as strategic.

Successful candidates love working directly with software developers and application security engineers to understand their needs, and design security systems and solutions that enable developers to operate more quickly. You are passionate about the security of the cloud and you want to solve real business problems. We are looking for leaders who like to solve problems, and remove obstacles. We have a team culture that encourages innovation and we expect team members and management alike to take high degree of ownership for their program vision and execution of ideas. You will have the opportunity to engage with systems that are at the cutting edge of technology. You will work directly with AWS service teams, infrastructure and administrative teams to identify opportunities to improve AWS’ security posture. You will design and build tooling, facilitate process improvements and work with service owners and cutting edge technology to develop innovative, simple solutions to complex technical challenges. You can prioritize well, communicate clearly, and have a consistent track record of delivery. You are proactive in removing roadblocks, and can handle multiple competing priorities in a fast-paced environment. You will be a positive influencer across diverse teams, be able to effectively rally support for your initiatives.

Here at AWS, we embrace our differences. We are committed to furthering our culture of inclusion. We have ten employee-led affinity groups, reaching 40,000 employees in over 190 chapters globally. We have innovative benefit offerings, and we host annual and ongoing learning experiences, including our Conversations on Race and Ethnicity (CORE) and AmazeCon (gender diversity) conferences. Amazon’s culture of inclusion is reinforced within our 14 Leadership Principles, which remind team members to seek diverse perspectives, learn and be curious, and earn trust.

We have a formal mentor search application that lets you find a mentor that works best for you based on location, job family, job level etc.

We offer flexibility in working hours and encourage you to find your own balance between your work and personal life.


This role is available for hire in the following locations: Arlington, VA; Herndon, VA; Tempe, AZ; and Seattle, WA.

Basic Qualifications

· 7+ years of systems engineering, security engineering, and/or software development
· 2+ years of experience supporting development teams that delivered commercial software or software-based services
· 2+ years of scripting experience using a modern, high-level language (e.g. Python)
· Bachelor's degree in Engineering, Computer Science or related technical field
· Detailed knowledge of system security vulnerabilities and remediation techniques

Preferred Qualifications

· Broad experience in multiple knowledge domains, including: Networking, Cryptography/Encryption, AuthN/AuthZ, Systems Security, Application Security, Cloud Infrastructure, Identity and Access Management, Databases, Security Operations, and/or Incident Response
· Deep knowledge of networking and web protocols
· Experience building and/or securing service-oriented architectures
· Experience implementing and leading others to perform threat modeling or other risk identification techniques
· Experience designing and building security products and services to address complex security challenges at scale
· Strong sense of ownership combined with collaborative approach to overcoming challenges and influencing organizational change
· Ability to communicate effectively, orally and in writing, with both technical and non-technical stakeholders
· Meets/exceeds Amazon’s leadership principles requirements for this role
· Meets/exceeds Amazon’s functional/technical depth and complexity for this role

Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit https://www.amazon.jobs/en/disability/us.