Security Engineer, SPEAR OS2

Job summary
*Come help us secure data facilities across the globe!* The Amazon Web Services (AWS) Special Programs, Evaluations, Assessments, & Response (SPEAR) Operations Support and Services (OS2) Team is scaling to support the exponential growth of data facilities and associated security functions. We are looking for a talented, and motivated Security Engineer to become a key member of the SPEAR OS2 team. As a Security Engineer, you will be responsible for ensuring the SPEAR team's services, applications, and websites are designed and implemented to the highest security standards, thus maintaining and enhancing partner and customer trust. The person in this role will dive deep into security technologies to help deliver end-to-end solutions, and ensure these tools are secure. Will work independently with minimal oversight, and in concert with OS2’s partners on other SPEAR teams as well as Data Center (DC) Security, Application Security, the AWS Security Operations Center (SOC), and AWS Management to deliver unique solutions to empower SPEAR in its mission to raise the bar for AWS physical security.

KEY RESPONSIBILITIES:

* Deliver and maintain customized solutions on native AWS web applications (using services like Lambda, S3, DynamoDB, CloudFront, and EC2) for use by SPEAR teams and our partners.
* Ensure that all SPEAR tools maintain the highest security standards, following all relevant policies and industry best practices, while passing all necessary internal security audits.
* Drive improvements to documentation and processes to ensure SPEAR teams are empowered to appropriately handle security issues in their domain.
* Identify and test innovative new ways that technology can enhance SPEAR’s mission.

About Us
Inclusive Team Culture
Here at AWS, we embrace our differences. We are committed to furthering our culture of inclusion. We have ten employee-led affinity groups, reaching 40,000 employees in over 190 chapters globally. We have innovative benefit offerings, and host annual and ongoing learning experiences, including our Conversations on Race and Ethnicity (CORE) and AmazeCon (gender diversity) conferences. Amazon’s culture of inclusion is reinforced within our 16 Leadership Principles, which remind team members to seek diverse perspectives, learn and be curious, and earn trust.

Work/Life Balance
Our team puts a high value on work-life balance. It isn’t about how many hours you spend at home or at work; it’s about the flow you establish that brings energy to both parts of your life. We believe striking the right balance between your personal and professional life is critical to life-long happiness and fulfillment. We offer flexibility in working hours and encourage you to find your own balance between your work and personal lives.

Mentorship & Career Growth

Our team is dedicated to supporting new members. We have a broad mix of experience levels and tenures, and we’re building an environment that celebrates knowledge sharing and mentorship. We care about your career growth and strive to assign projects based on what will help each team member develop into a better-rounded professional and enable them to take on more complex tasks in the future.

**This role is open to alternative locations including: New York, NY – Boston, MA – Seattle, WA - Vancouver, BC Canada - Herndon, VA – Arlington, VA – Baltimore, MD – San Luis Obispo, CA – San Diego, CA

Basic Qualifications

The basic qualifications listed below are representative of the knowledge, skill, and/or ability required to perform this job:

* Bachelor (undergraduate) degree in a relevant field (Computer Science, Software Engineer, Security, or others) OR an equivalent combination of education, training, and experience
* 2+ years experience in software security.
* 2+ years experience with secure web application development (e.g., JavaScript, Python,).
* 1+ years experience building and maintaining native AWS services.
* 1+ years experience threat modeling.

Preferred Qualifications

The preferred qualifications listed below are representative of the knowledge, skill, and/or ability required to perform this job:

* Experience with secure web application development and penetration testing (application and infrastructure preferred).
* Knowledge of professional software engineering practices and best practices for the full software development life cycle (e.g., coding standards, code reviews, source control management, build processes, testing).
* Ability to drive technical projects while balancing trade-offs, reducing risk, and introducing automation and efficiencies
* Experience in communicating with users, other technical/non-technical teams, and all management levels to collect requirements, describe software product features, and technical designs.
* Proven track record of partnering with geographically dispersed team members.
* Meets/exceeds Amazon’s leadership principles requirements for this role.
* Meets/exceeds Amazon’s functional/technical depth and complexity for this role.




Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit https://www.amazon.jobs/en/disability/us.