Software Development Engineer III - Threat Intelligence Systems, ACTI Engineering

Amazon•Herndon, VA

21h

About The Position

The Amazon Cyber Threat Intelligence (ACTI) organization is responsible for investigating, analyzing, and defending against sophisticated cyber threats targeting Amazon's global businesses and customers. ACTI combines technical expertise, strategic analysis, and advanced tooling to identify emerging threats, track adversary activities, and provide actionable intelligence across Amazon's security ecosystem. As a Software Development Engineer within ACTI Engineering, you will architect and lead the development of mission-critical distributed systems that power Amazon's threat intelligence capabilities. You will make key technical decisions that shape our platform's architecture, designing scalable solutions that process, analyze, and correlate vast amounts of security data across Amazon's global infrastructure. Your technical leadership will directly influence ACTI's ability to detect, analyze, and respond to emerging security threats at scale. US citizenship is required for this position. A day in the life Threat Intelligence (TI) protects Amazon and its subsidiaries by proactively analyzing new security threats, identifying malicious actors, and researching the evolving threat landscape. ACTI Engineering partners with teams throughout Amazon to facilitate information sharing and increase security resilience through cross-functional collaboration. We share actionable cyber threat information and focus on continually developing collaboration and partnerships with security & intelligence teams throughout Amazon and the security industry. TI drives and enhances our ability to emulate threat actors, respond to security incidents, and to stay one step ahead of our adversaries. About the team Diverse Experiences Amazon Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying. Why Amazon Security? At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon’s products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores Inclusive Team Culture In Amazon Security, it’s in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices. Training & Career Growth We’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional. Work/Life Balance We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why flexible work hours and arrangements are part of our culture. When we feel supported in the workplace and at home, there’s nothing we can’t achieve.

Requirements

5+ years of non-internship professional software development experience
5+ years of programming with at least one software programming language experience
5+ years of leading design or architecture (design patterns, reliability and scaling) of new and existing systems experience
Experience as a mentor, tech lead or leading an engineering team
3+ years of designing and developing large-scale, multi-tiered, multi-threaded, embedded or distributed software applications, tools, systems, and services using: C#, C++, Java, or Perl experience
5+ years of full software development life cycle, including coding standards, code reviews, source control management, build processes, testing, and operations experience

Nice To Haves

2+ years experience with threat intelligence platforms (TIP) or graph databases and query languages
Deep knowledge of malware analysis systems and security automation
Expert at designing and implementing production-grade systems with Amazon Cloud Development Kit (CDK)

Responsibilities

Define and drive the technical vision and multi-year architecture roadmap for ACTI's threat intelligence platforms, establishing technical standards and best practices that influence organization-wide engineering decisions.
Architect and lead the design of highly scalable distributed systems processing petabytes of security data, making strategic trade-offs between performance, cost, and operational complexity while ensuring long-term maintainability.
Drive cross-team technical strategy for service-oriented architectures, establishing integration patterns and API contracts that enable seamless threat intelligence workflows across multiple organizations.
Own critical technical decisions around data modeling, storage solutions, and processing frameworks with organization-level impact, evaluating emerging technologies and driving adoption of solutions that advance the state of the art.
Lead the full software development lifecycle across multiple complex systems, establishing operational excellence standards, SLA definitions, and reliability practices that serve as models for the broader organization.
Mentor and develop engineering talent across teams, conducting design reviews, establishing coding standards, and growing the technical capabilities of engineers at multiple levels.
Partner with senior leadership and threat intelligence analysts to translate strategic business objectives into scalable technical solutions, influencing product roadmaps and organizational priorities.
Build industry-leading, planet-scale intelligence tooling that sets the standard for defending against sophisticated and evolving security threats, with direct impact on Amazon's security posture.
Lead resolution of issues and establish on-call best practices, driving improvements to system reliability and reducing operational burden across the organization.
Influence technical direction beyond immediate team boundaries, contributing to architectural decisions and technical standards that impact multiple services and teams.