Security Engineer II, Stores AppSec

Welcome to Team LOAF. Our mission is to prevent security vulnerabilities from reaching production by identifying root causes and building scalable solutions that eliminate findings at their source. What We Do Team LOAF focuses on systemic security improvement across the organization. We investigate significant vulnerabilities to uncover patterns, then build preventative mechanisms that reduce recurrence with minimal builder effort. Rather than simply remediating individual findings, we address the underlying causes that generate them at scale. We prioritize our work based on impact, targeting business units with the highest volume, severity, or concentration of security findings. Our solutions (paved paths, secure defaults, and reusable components) benefit broad segments of builders across the organization. How We Work Our approach combines deep technical analysis with scalable automation: Root Cause Analysis: We perform thorough investigations of vulnerabilities using both manual research and AI-powered tooling to identify systemic patterns across the security landscape Preventative Mechanisms: We design and implement frameworks and components that shift security left in the development lifecycle Security Dashboards: We build dashboards for teams, leadership, and customers that surface trends, highlight risky concentrations, and track remediation velocity AI-Driven Analysis: We're maturing an LLM-based engine to automate pattern detection across large datasets, enabling analysis at scale across 75M+ findings Cross-Functional Partnership: We collaborate closely with AppSec, tooling teams, security reviewers, and business units to ensure our solutions are both technically sound and practically adopted Your Impact As part of Team LOAF, you'll deliver systemic security improvements that prevent findings from reaching production, reduce builder toil, and advance the security control landscape through scalable, automated solutions. Your work will have measurable impact across the organization's security posture. About the team About Amazon Security Diverse Experiences Amazon Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying. Why Amazon Security? At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon’s products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores. Inclusive Team Culture In Amazon Security, it’s in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices. Training & Career Growth We’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional. Work/Life Balance We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why we strive for flexibility as part of our working culture. When we feel supported in the workplace and at home, there’s nothing we can’t achieve.