Security Engineer, AWS Control Tower

Job summary
AWS Control Tower is hiring Security Engineers for our new Control Engineering group. In this role, you will be part of a team that is responsible for building and maintaining an opinionated set of security controls tailored for regulated industries.
AWS Control Tower helps customers create migration-ready environments for their cloud-based applications. The service is growing incredibly fast, with an increasing number of the world's top companies trusting it to setup their AWS multi-account environment following best practices, facilitate AWS account creation, and help them meet compliance objectives.


Key job responsibilities
In this role, you will partner closely with Product Management, Engineering, and Identity teams to define and ultimately build out controls and governance capabilities into Control Tower. You will be responsible for understanding and representing how heavily regulated customers think about and organize their risk and compliance posture in the cloud. Combined with a deep understanding of security concerns associated with the entire portfolio of AWS services, you will be responsible for defining and designing an easily-managed, scalable set of preventative and detective controls that can be audited and evolved over time.

A day in the life
You will meet frequently with customers and work closely with AWS Control Tower's product, UX, and engineering teams. You will collaborate with many AWS service teams. You will get hands-on developing secure and effective Config Rules, Service Control Policies, CloudFormation Guard policies, and more. This is a senior role where you focus not only on how to achieve effective controls, but also define which controls are needed through a deep understanding of the overall landscape of challenges of cloud security.

About the team
Inclusive Team Culture
Here at AWS, we embrace our differences. We are committed to furthering our culture of inclusion. We have ten employee-led affinity groups, reaching 40,000 employees in over 190 chapters globally. We have innovative benefit offerings, and host annual and ongoing learning experiences, including our Conversations on Race and Ethnicity (CORE) and AmazeCon (gender diversity) conferences. Amazon’s culture of inclusion is reinforced within our 16 Leadership Principles, which remind team members to seek diverse perspectives, learn and be curious, and earn trust.
Work/Life Balance
Our team puts a high value on work-life balance. It isn’t about how many hours you spend at home or at work; it’s about the flow you establish that brings energy to both parts of your life. We believe striking the right balance between your personal and professional life is critical to life-long happiness and fulfillment. We offer flexibility in working hours and encourage you to find your own balance between your work and personal lives.
Mentorship & Career Growth
Our team is dedicated to supporting new members. We have a broad mix of experience levels and tenures, and we’re building an environment that celebrates knowledge sharing and mentorship. We care about your career growth and strive to assign projects based on what will help each team member develop into a better-rounded professional and enable them to take on more complex tasks in the future.

Basic Qualifications

• Bachelor's degree in Computer Science, related field, or relevant work experience
• 7+ years of experience working at or with companies in highly-regulated industries, with hands-on security engineering and/or cloud infrastructure experience
• 5+ years of experience helping organizations to make strategic security and/or compliance decisions

Preferred Qualifications

• Multiple years of experience running production workloads on AWS
• Deep understanding of how to implement technology solutions that align to common industry standards and frameworks like NIST, SOX, GDPR, PCI
• Experience in Software Development, Software Delivery, or Enterprise/Security Architecture


Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit https://www.amazon.jobs/en/disability/us.