Senior Security Engineer, Ads Security

Job :  |  Services LLC

The Ads Security organization at Amazon is dedicated to creating innovative technical solutions that detect, assess, and mitigate security risks within Amazon’s Advertising businesses. Our vision is to accelerate the development velocity of the Advertising business by ensuring that our products are inherently secure. We are seeking a talented Senior Security Engineer to join our team, where you will have the opportunity to contribute to securing web applications and services critical to delivering exceptional customer and partner experiences at scale in Amazon Ads.

• You are a security engineer first, with a builder's mindset and a track record of shipping AI powered solutions that solve real security problems  don't just experiment with AI. You've deployed it in production, measured its impact, and iterated based on outcomes.
• You have deep, hands on expertise in security engineering fundamentals: threat modeling, secure system design, vulnerability analysis, incident response, and defensive architecture. You understand attacker methodologies and think about security from first principles, not just tool outputs.
• You have proven experience building security solutions powered by AI that operate reliably  are comfortable navigating ambiguity, defining problems before solving them, and influencing others through technical depth and clear communication. You set the bar for engineering quality on your team and raise the level of everyone around you.
• You are energized by the opportunity to pioneer a new discipline: applying generative AI and agentic systems to security challenges that were previously unsolvable through automation alone. Your role will be pivotal in ensuring the protection of customer data and critical infrastructure within the Ads organization.

• Design and build AI powered security automation solutions to fix security issues at scale.
• Develop and maintain agentic AI workflows that enable faster security issue resolution.
• Build evaluation frameworks and feedback loops to continuously measure and improve the accuracy, reliability, and safety of AI driven security tools.
• Partner with other teams at Amazon to fine tune models for specific use cases in Amazon Ads, including anomaly detection, log analysis, and natural language security querying.
• Define technical roadmaps for security automation initiatives, influencing org level priorities and driving alignment across partner teams.
• Author and review technical design documents, threat models, and architecture proposals for security automation services.
• Mentor engineers across the organization on best practices such as secure AI/ML system development and security automation patterns.
• Establish operational excellence standards for AI security systems, including monitoring, alerting, and human in the loop safeguards.
• Participate in on call rotations for security automation services, ensuring rapid response to production incidents and service degradation.
• Provide regular updates to leadership on project status, risks, and strategic decisions through written narratives and review mechanisms.
• Contribute to operational planning (OP1/OP2) including goal setting, resource planning, and roadmap prioritization for the team.
• Participate in helping to grow and develop a high performing engineering team.
• Support team development through code reviews, technical mentoring, career coaching, and fostering a culture of continuous learning.
• Perform ad-hoc security related initiatives as needed.

• 5+ years of any combination of the following: application security frameworks, identity and access controls, incident response, mobile security, cloud computing and security, AI security, threat intelligence, and penetration testing experience.
• 2+ years of demonstrated experience utilizing AI/ML technologies for security use cases, including prompt engineering, LLM integration, or ML pipeline development.
• Strong programming proficiency in Python, with additional experience in at least one of:
  Java, Go, Rust, or Type Script.
• Experience with cloud security architecture (AWS preferred) including IAM, VPC, KMS,…