Security Engineer , Global Media and Entertainment Security

Amazon•Denver, CO

About The Position

We are changing the way millions of customers interact with entertainment that enriches lives. Amazon Global Media and Entertainment delivers experiences at unparalleled scale. Whether it's launching our own studio to create original and exclusive content or connecting players and developers to the games and communities they love, Amazon Global Media and Entertainment Security is at the center of customer, builder, and content journeys. Come build with us. About the Role We are looking for a Security Engineer to strengthen our network edge defenses through data-driven security optimization. In this role, you'll support our network edge team by developing threat models, analyzing traffic patterns, and tuning security configurations to reduce detection blind spots, accelerate incident response, and fortify our defenses against application-layer attacks. As a Security Engineer within Global Media and Entertainment, you will collaborate with engineering teams to drive the implementation and validation of security controls prior to production launch. You will provide frontline support for partners on security-related issues, including design reviews, network monitoring, and emerging threat response. This role requires thought leadership as you invent and innovate to protect our customers and content at scale.

Requirements

3+ years of non-internship background in troubleshooting systems issues, analyzing logs, or automating complex tasks using command line tools experience
3+ years of work in identifying security issues and risks, and developing mitigation plans experience
3+ years of scripting, programming, or security code review in a common language, such as Python, Java or C++ experience
Experience with security in service-oriented architectures/microservices and web services
Knowledge of networking protocols, to include HTTP(S), DNS, and TCP/IP

Nice To Haves

2+ years of any combination of the following: threat modeling experience, secure coding, identity management and authentication, software development, cryptography, system administration and network security experience
Knowledge of command line tools to troubleshoot protocols, analyze log outputs, or automate basic tasks
Experience in scripting, programming, or security code reviewing in a common language, such as Python, Java, or C++
3+ years of experience with WAF rule tuning and optimization
3+ years of experience troubleshooting and analyzing logs to detect and respond to anomalies, DDoS attacks, and API security threats

Responsibilities

Perform traffic analysis to identify anomalies in request headers, cookies, and payloads that indicate attacks
Design and implement custom WAF rules based on identified threat patterns balancing security with customer experience
Execute DDoS penetration testing against anti-DDoS protections to validate and enhance defense capabilities
Configure bot management solutions to distinguish between legitimate traffic and malicious actors
Build and maintain security dashboards for WAF and API metrics to improve visibility and accelerate threat detection
Develop threat models and conduct log analysis to improve security and optimization opportunities
Provide security engineering expertise to develop with security designs and security control implementation for systems that interact with the edge systems, and which have a direct impact on the Customer experience

Benefits

health insurance (medical, dental, vision, prescription, Basic Life & AD&D insurance and option for Supplemental life plans, EAP, Mental Health Support, Medical Advice Line, Flexible Spending Accounts, Adoption and Surrogacy Reimbursement coverage)
401(k) matching
paid time off
parental leave

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume