Security Engineer, Identity & Access Management

Job summary
At Amazon, we are obsessed with customer trust. Information Security enables Amazon business leaders to securely develop and operate to maintain Customer Trust by guarding the confidentiality and integrity of Amazon and customer data.
Our teams focus areas include: Enterprise Access risk reduction, access health best practices, managing preventive and detective access health controls. Our mission includes instilling awareness to safeguard all customer and employee data, applications, services, and assets. To accomplish this, we unite with Amazon organizations to build access control best practices into enterprise-wide systems.

Key job responsibilities
This role is for a Security Engineer - Identity & Access Management (IAM) who will be part of the Access Health team. This role will focus on supporting successful, on-time completion of Access Risk management initiatives. Utilizing a combination of processes, technologies and standards, this role aims to drive assigned Access Risk reduction tracks towards closure.

A day in the life
Your day-to-day job responsibilities will include:
· Take on initiatives to improve authentication and authorization posture for various services at scale.
· Create and execute Access Risk reduction controls, defenses and detection measures.
· Develop and maintain data driven metrics to demonstrate initiative progress.
· Evaluate and investigate access health events to determine patterns for potential risks.
· Demonstrate the ability to communicate effectively at various organization levels.
· Build consensus, secure commitments, and negotiate to deliver positive outcomes.
· Work on identifying root causes for any risks, potential recurrence and suggesting compensatory controls.
· Develop knowledge management articles, FAQs for stakeholder reference.

Basic Qualifications

· 5+ years as a Security Engineer or Security Advisor in Identity & Access Management.
· Deep understanding and knowledge of Identity Lifecycle concepts and Identity Governance concepts.
· Experience in implementing Role/Attribute based access controls and access compliance automation.
· Experience in triaging and resolving events related to access risks.
· 5+ years of experience in generating advanced reports using scripts, macros etc.
· Effective written and oral communication to communicate at both business and technical stakeholders
· Ability to derive data driven patterns and generate meaningful metrics.

Preferred Qualifications

· Experience in supporting Access Risk Management initiatives in large firms.
· Conceptual knowledge of AWS cloud services and terminology.
· Experience in building access risk detection models and tools.


Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit https://www.amazon.jobs/en/disability/us.