Security Engineer II, Infrastructure Security Compliance

Amazon•Minneapolis, MN

About The Position

AWS Infrastructure Services owns the design, planning, delivery, and operation of all AWS global infrastructure. In other words, we’re the people who keep the cloud running. We support all AWS data centers and all of the servers, storage, networking, power, and cooling equipment that ensure our customers have continual access to the innovation they rely on. We work on the most challenging problems and we’re looking for talented people who want to help. You’ll join a diverse team of software, hardware, and network engineers, supply chain specialists, security experts, operations managers, and other vital roles. You’ll collaborate with people across AWS to help us deliver the highest standards for safety and security while providing seemingly infinite capacity at the lowest possible cost for our customers. And you’ll experience an inclusive culture that welcomes bold ideas and empowers you to own them to completion. The Infrastructure Security Team is responsible for the security and risk management of the AWS Infrastructure. We build systems that detect, assess, and mitigate risk across the global infrastructure and are accountable for keeping the Amazon Infrastructure secure and compliant with customer requirements. The Infrastructure Compliance Team is looking for a Security Engineer to join our dynamic, outcome-driven team. The successful candidate is an owner who can deliver through high performing, diverse teams and who understands all parts of security, software development, deployment, and operations. You must possess strong technical networking, supply chain security and/or data center compliance background, strong verbal and written communication skills, be self-driven, demonstrate high impact and influence across teams, and deliver high quality results in a fast-paced environment. We’re looking for leaders who can lead through challenges and seek to shed light on ambiguity. If that is you, Amazon is the place to be as we solve hard problems, make history, and have fun.

Requirements

4+ years of any combination of the following: threat modeling experience, secure coding, identity management and authentication, software development, cryptography, system administration and network security experience
Bachelor's degree in computer science or equivalent
Knowledge of system security vulnerabilities and remediation techniques, including penetration testing and the development of exploits or equivalent
Strong understanding of internet and networking technologies including TCP/IP, routing protocols, network architecture and security
Experience with security frameworks and compliance standards (NIST, ISO 27001, SOC 2, FedRAMP, or similar)
Excellent written and verbal communication skills with ability to articulate complex security concepts to technical and non-technical audiences

Nice To Haves

CCSP (Certified Cloud Security Professional) or CEH (Certified Ethical Hacker) or CFR (CyberSec First Responder) or Cloud+ or CySA+ (CompTIA Cybersecurity Analyst) or GCED (GIAC Certified Enterprise Defender) or GICSP (Global Industrial Cyber Security Professional) or PenTest+
Experience in identifying security issues and risks, and developing mitigation plans
Knowledge of systems engineering fundamentals (networking, storage, operating systems)
Knowledge of one or more scripting languages (e.g., Python, Ruby, Perl)

Responsibilities

Develop, implement, and analyze security outcomes for AWS Infrastructure (networking, supply chain security, data center compliance) aligned with various compliance frameworks (e.g. NIST, FedRAMP, ISO 27001, and AWS standards)
Identify and drive mitigation of security risks, including the development of monitoring and reporting capabilities for continued compliance
Assess the impact to the business for difficult and ambiguous security risks with pragmatic, scalable solutions
Design, develop, and deploy automation tools and scripts to streamline compliance validation, audit evidence collection, and security control monitoring at scale
Build pragmatic automation solutions using Python, Bash, or other scripting languages to improve team efficiency and reduce manual toil
Develop tooling to implement automated remediation mechanisms for security and compliance gaps
Build dashboards and reporting tools to provide real-time visibility into security posture across AWS infrastructure
Serve as subject matter expert on regulatory and compliance implications for third-party audits, customer audits, and regulatory examinations
Lead compliance discussions with internal stakeholders, customers, and external auditors
Produce and catalog authoritative compliance content applicable to multiple stakeholders, improving customer response times and trust
Validate security compliance requirements on behalf of AIS builders, protecting their time and keeping them building

Benefits

health insurance (medical, dental, vision, prescription, Basic Life & AD&D insurance and option for Supplemental life plans, EAP, Mental Health Support, Medical Advice Line, Flexible Spending Accounts, Adoption and Surrogacy Reimbursement coverage)
401(k) matching
paid time off
parental leave

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume