Senior Security Engineer, AWS Identity, AWS Identity Security

Amazon•Austin, TX

2d•Onsite

About The Position

Come help us secure critical platform services in the AWS cloud and deliver world-class defense for AWS customers! Amazon Web Services (AWS) Identity and Governance service teams build and operate identity, authentication, and authorization stack for the AWS cloud, and build services that enable customers to manage access and governance across their AWS environments at scale. AWS Identity and Governance services empower customers to confidently and securely execute their workflows with flexible controls which meet their individual security requirements. As a Senior Security Engineer at Amazon, you will lead the design, development, and implementation of high priority security features that protect our global infrastructure, products, and customer data. This role combines deep security expertise with advanced software engineering capabilities to build scalable security systems and frameworks. We are seeking an experienced software engineer who brings both skills and passion for raising the security bar.

Requirements

4+ years of non-internship background in troubleshooting systems issues, analyzing logs, or automating complex tasks using command line tools experience
5+ years of work in identifying security issues and risks, and developing mitigation plans experience
4+ years of (non-internship) scripting, programming, and security code review in common programming languages experience
Knowledge of at least two of the following programming languages: Scala, Java, Python, C/C++, or Go
Experience (non-internship) in scripting, programming, and security code reviewing in a common programming language
Experience (non-internship) in troubleshooting systems issues, analyzing logs, or automating complex tasks using command line tools
Experience working in identifying security issues and risks, and developing mitigation plans
Experience (non-internship) in industry-based security vulnerabilities identification, attack patterns, and remediation techniques
Experience as a mentor, tech lead or leading an engineering team
Bachelor's degree in Computer Science, Information Technology, or a related field
1+ years of network and operating system support, or 4+ years of software development experience
Experience in technical leadership of development, testing, and implementation of large-scale, complex technology projects
Knowledge of security technology and concepts (Authentication, Authorization, Single sign-on, Cryptography, etc.)
Experience architecting/operating solutions built on AWS
Experience with security in service-oriented architectures and web services
Knowledge of at least one programming language such as Java, C#, JavaScript, Python, Ruby or Perl
Relevant knowledge of threat modeling and secure coding practices

Nice To Haves

Experience applying threat modeling or other risk identification techniques or equivalent
Experience with security in service-oriented architectures/microservices and web services
Master's degree or equivalent in computer science, computer engineering, or related field, or PhD
Experience implementing security solutions at the cross-team level
Experience working with fast-moving, high-performance teams and driving innovative solutions tailored to unique business environments
Experience working effectively across cross-functional teams and partnering well with people at all levels within an organization
Experience in ownership of projects and communicating timelines and executing independently
Experience effectively communicating complex concepts through written and verbal communication
Sharp analytical abilities and proven system design skills

Responsibilities

Lead design, development and implementation of complex security initiatives that impact organization-wide security posture
Build automated security testing frameworks
Build prototypes and proofs of concept to demonstrate feasibility for new, innovative security technologies
Implement security fixes in Java, Python or other relevant languages
Provide technical mentorship to junior engineers and establish security engineering best practices
Partner with software development teams to build security controls directly into the development lifecycle
Lead security incident responses and drive root cause analysis for complex security events
Influence product roadmaps by providing security expertise during planning phases
Drive technical direction for security projects impacting multiple teams or organizations
Author and maintain technical design documents for security systems and controls
Review and approve security architecture proposals and technical implementation plans
Lead security reviews for critical systems and applications
Partner with Product, Operations, and Development teams to drive security improvements
Represent security engineering in senior-level technical discussions
Mentor junior security engineers and develop team capabilities
Drive security best practices across engineering organizations

Benefits

health insurance (medical, dental, vision, prescription, Basic Life & AD&D insurance and option for Supplemental life plans, EAP, Mental Health Support, Medical Advice Line, Flexible Spending Accounts, Adoption and Surrogacy Reimbursement coverage)
401(k) matching
paid time off
parental leave
sign-on payments
restricted stock units (RSUs)

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume