Security Engineer II, StoreSec Application Security
Listed on 2026-07-18
-
IT/Tech
Cybersecurity, AI Engineer (Applied/Software), Information Security, Data Security
Security Engineer II, Store Sec Application Security
Amazon Healthcare Security's (Health Sec) AI team is hiring a Security Engineer II to secure GenAI applications and enable secure AI adoption across Amazon Health Services (AHS). You will work at the intersection of AI for Security and Security for AI—securing AHS GenAI applications in production, hardening the AI‑SDLC for AHS builders, and building AI‑powered security tooling that scales protection across healthcare verticals including application security, network and infrastructure security, detections and monitoring, and incident response.
Working closely with AHS AI application builders and product teams, you will ensure that AI systems handling healthcare data meet HIPAA compliance and Amazon's security bar while improving security review process efficiency for both builders and peer healthcare security teams.
Key Responsibilities- Define and drive implementation of proactive security controls for AHS AI applications including GenAI chatbots, agentic systems, and LLM-powered tools
- Develop and implement security controls for the AI‑SDLC, ensuring AHS builders build secure AI applications by default
- Assess and drive mitigation of AI‑specific security risks including prompt injection, model abuse, data exfiltration, and unauthorized tool invocation at scale
- Build and/or drive adoption of AI‑powered security tooling (e.g., automated threat modeling, code scanning, security test generation) to scale security across AHS
- Drive adoption of AI security guardrails, testing frameworks, and monitoring across AHS GenAI applications
- Collaborate with AHS builder teams to integrate security guidance into AI development workflows, reducing late‑stage security findings
- Develop and maintain security documentation including AI threat models, risk assessments, and secure AI development guidelines
- Support security incident investigations related to AI systems, including prompt injection attacks and model misuse
- 3+ years of programming in Python, Ruby, Go, Swift, Java, .Net, C++ or similar object‑oriented language experience
- Bachelor's degree in a STEM field (Science, Technology, Engineering, Mathematics), or experience in IT Security
- Experience with AI/ML technologies
- Experience applying threat modeling or other risk identification techniques or equivalent
- Knowledge of common AI security risks (prompt injection, data poisoning, model extraction, insecure tool use)
- Experience with programming languages such as Python, Java, C++
- Experience with AWS or cloud technologies
- 2+ years of any combination of: AI security, threat modeling, secure coding, identity management and authentication, software development, cryptography, or application security
- Experience with security testing of LLM‑based applications or performing security activities across the SDLC (security design review, threat modeling, secure code review, security testing)
- Familiarity with HIPAA compliance requirements for healthcare data
We are an equal‑opportunity employer and do not discriminate on the basis of protected veteran status, disability, or other legally protected status.
#J-18808-Ljbffr(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).