Security Engineer II, AWS Applied AI Solutions Security

Amazon•Seattle, WA

About The Position

As part of the AWS Applied AI Solutions organization, we have a vision to provide business applications, leveraging Amazon's unique experience and expertise, that are used by millions of companies worldwide to manage day-to-day operations. We will accomplish this by accelerating our customers' businesses through delivery of intuitive and differentiated technology solutions that solve enduring business challenges. We blend vision with curiosity and Amazon's real-world experience to build opinionated, turnkey solutions. Where customers prefer to buy over build, we become their trusted partner with solutions that are no-brainers to buy and easy to use. As an AI Security Engineer (SecEng), you will collaborate with our development teams to ensure we keep our customers safe while developing novel AI-powered services. The ideal candidate combines deep technical security acumen with specialized expertise in AI/ML security and an ability to lead by influence and communicate clearly. Technically, this person will be a security generalist with deep expertise in AI security, including model security, adversarial ML, secure AI development practices, and agentic AI security. In their communication, they will clearly articulate AI-specific risks—from model poisoning to prompt injection to data exfiltration through AI agents—to technical and non-technical audiences alike. Interpersonally, successful candidates will effectively harmonize disparate opinions while effectively prioritizing AI security risks to guide their partners towards secure AI solutions.

Requirements

3+ years of programming in Python, Ruby, Go, Swift, Java, .Net, C++ or similar object oriented language experience
3+ years of scripting, programming, and security code review in a common programming language (non-internship) experience
2+ years of troubleshooting systems issues, analyzing logs, or automating basic tasks using command line tools (non-internship) experience
Bachelor's degree in computer science or equivalent
Bachelor's degree in a STEM field (Science, Technology, Engineering, Mathematics), or experience in IT Security
Bachelor's degree in a STEM field (Science, Technology, Engineering, Mathematics), or 2+ years of IT Security experience
Knowledge of networking protocols such as HTTP, DNS and TCP/IP
Knowledge of industry-based security vulnerabilities and remediation techniques
Experience in scripting, programming, and security code reviewing in a common programming language (non-internship)
Experience in troubleshooting systems issues, analyzing logs, or automating basic tasks using command line tools (non-internship experience)

Nice To Haves

3+ years of any combination of the following: threat modeling experience, secure coding, identity management and authentication, software development, cryptography, system administration and network security experience
2+ years of scripting, programming, or security code review in a common language, such as Python, Java or C++ experience
Knowledge of command line tools to troubleshoot protocols, analyze log outputs, or automate basic tasks
Knowledge of system security vulnerabilities and remediation techniques, including penetration testing and the development of exploits or equivalent
Knowledge of networking protocols, to include HTTP(S), DNS, and TCP/IP
Experience with AWS products and services
Experience with programming languages such as Python, Java, C++
Experience in scripting, programming, or security code reviewing in a common language, such as Python, Java, or C++
Experience performing security activities across one or more phases of the software development lifecycle (SDLC), such as security design review, threat modeling, secure code review, and security testing

Responsibilities

Creating, updating, and maintaining threat models specifically for AI/ML systems, including LLMs, agentic AI platforms, model training pipelines, and AI inference services
Security architecture and design guidance for AI systems, including secure model deployment, AI agent orchestration security, and AI supply chain security
AI-specific secure code review for ML training pipelines, inference services, and agentic AI frameworks,
Manual and automated secure code review for AI/ML applications and supporting infrastructure
Application security reviews
Secure architecture design and Threat modeling
Projects and research work as needed development teams
Security guidance documentation
Security metrics delivery and improvements
Security analysis of AI agent tool use, function calling, and external integrations
Data privacy and security review for AI training data, including PII detection, data lineage tracking, and secure data handling in ML pipelines
Model governance and security controls for model versioning, access control, and audit logging
Security training and outreach for AI/ML development teams on secure AI development practices
Independently solve AI security problems that require novel methods or approaches
Influence your team's and partners' process, priorities, and choices to improve AI security outcomes
Drive adoption of responsible AI practices and AI risk management frameworks

Benefits

health insurance (medical, dental, vision, prescription, Basic Life & AD&D insurance and option for Supplemental life plans, EAP, Mental Health Support, Medical Advice Line, Flexible Spending Accounts, Adoption and Surrogacy Reimbursement coverage)
401(k) matching
paid time off
parental leave

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume