Software Development Engineer II, Amazon Foundational Security Services

Amazon Foundational Security Services (AFSS) is seeking a Software Development Engineer to join our Identity and Access Management team, where you'll transform how Amazon secures and manages its third-party cloud infrastructure at unprecedented scale. The Identity team owns a comprehensive suite of services that support Amazon's third-party cloud usage across Microsoft Entra, Google Cloud, and other cloud platforms, including identity lifecycle management, SCIM integration, user provisioning and deprovisioning, and enterprise authentication workflows. In this role, you'll design and implement event-driven architectures that process millions of identity events daily while maintaining strict security SLAs for hundreds of thousands of users across AWS native and third-party cloud applications worldwide. Beyond identity management, you'll be instrumental in implementing and operating cloud security posture management (CSPM) solutions for continuous vulnerability scanning across Amazon's multi-cloud environments (similar to platforms like Wiz and CrowdStrike). You'll build automation for configuration-as-code frameworks (similar to Desired State Configuration and AWS Config) to ensure compliance and security baselines, develop log ingestion pipelines that aggregate security telemetry from diverse cloud platforms, and create monitoring and observability frameworks that provide real-time visibility into our security posture. Your solutions will power critical workflows including single sign-on with Entra, identity synchronization via Entra Connect, Google Workspace integration, certificate lifecycle management, and real-time access control enforcement across all Amazon businesses and teams globally. You'll work with massive data sets, collaborate with business partners and leadership to influence product vision, and contribute to the design of systems that directly impact thousands of developers and teams company-wide. This is a high-impact opportunity where you'll see all aspects of the Amazon business—from Retail websites to digital products to the inner workings of Amazon Web Services—and your work will benefit both internal teams and Amazon's external customers. We're looking for a strong engineer with a background in third-party cloud identity systems, security tooling, and infrastructure automation, with experience designing and operating technology solutions across multiple cloud providers.