Security Engineer II, AWS Cloud Security Response

About The Position

Requirements

• 3+ years of scripting, programming, and security code review in a common programming language (non-internship) experience
• Bachelor's degree in a STEM field (Science, Technology, Engineering, Mathematics), or 2+ years of IT Security experience
• Experience as a mentor, tech lead or leading an engineering team
• Experience collaborating and influencing multiple teams across multiple organizations
• Experience with cloud services, cloud infrastructure, or cloud security concepts.
• 4+ years of experience in information security, security operations, or security engineering.

Nice To Haves

• Experience developing code-level fixes or security patches for production cloud services.
• Deep understanding of IAM policies, roles, service principals, and access control mechanisms.
• Experience building automation to scale security operations or incident response processes.
• Experience with proactive security engineering such as identifying systemic patterns, building feedback loops, or driving shift-left security initiatives.
• Experience with AWS services and infrastructure at the code or architecture level.
• 2+ years of working with Data & AI related technologies, including, but not limited to, AI/ML, GenAI, Analytics, Database, and/or Storage experience.

Responsibilities

• Identify recurring security patterns across AWS services and drive proactive solutions that address root causes and prevent classes of issues.
• Build automation to scale incident response procedures, improving efficiency and reducing manual effort across the team’s global operations.
• Own and drive security issues from identification through resolution, bringing informed risk assessments and security judgment to every engagement with service teams.
• Independently reproduce and validate reported security issues to develop a deep understanding of the vulnerability, its exploitability, and its potential customer impact.
• Investigate and analyze security data across multiple sources to scope the impact of security issues and inform remediation priorities.
• Develop and validate remediations through hands-on code engagement, partnering with service teams to close security issues through code.
• Communicate the state of security issues to technical and non-technical audiences at all levels of seniority, up to and including the AWS Chief Information Security Officer. Escalate when the pace of resolution does not match the impact to customers.

Benefits

• sign-on payments
• restricted stock units (RSUs)
• health insurance (medical, dental, vision, prescription, Basic Life & AD&D insurance and option for Supplemental life plans, EAP, Mental Health Support, Medical Advice Line, Flexible Spending Accounts, Adoption and Surrogacy Reimbursement coverage)
• 401(k) matching
• paid time off
• parental leave