Sr. Security Engineer, AWS Security

Job Overview

Amazon Web Services (AWS) Identity and Governance teams build and operate the identity, authentication, and authorization stack for the AWS cloud. We are seeking a Senior Security Engineer to lead the design, development, and implementation of security solutions that protect our global infrastructure, products, and customer data.

• Lead complex security initiatives across multiple service teams and drive architectural decisions that impact organization‑wide security posture.
• Build automated security testing frameworks and continuous security monitoring systems.
• Build prototypes and proofs of concept to demonstrate feasibility for new, innovative security technologies.
• Design and implement scalable security solutions using Java, Python, Go, or other relevant languages.
• Provide technical mentorship to junior engineers and establish security engineering best practices.
• Partner with software development teams to build security controls directly into the development lifecycle.
• Lead security incident responses and drive root cause analysis for complex security events.
• Influence product roadmaps by providing security expertise during planning phases.

• Drive technical direction for security projects impacting multiple teams or organizations.
• Author and maintain technical design documents for security systems and controls.
• Review and approve security architecture proposals and technical implementation plans.
• Lead security reviews for critical systems and applications.
• Partner with Product, Operations, and Development teams to drive security improvements.
• Represent security engineering in senior‑level technical discussions.
• Mentor junior security engineers and develop team capabilities.
• Drive security best practices across engineering organizations.

The Identity Security team partners with AWS Identity, Governance, and Infrastructure as Code services to reduce risk in our services as they’re built and throughout their lifecycle. The team collaborates directly with software engineers to prevent security issues from being introduced at the time of design and development. We proactively look for unknown threats in our services to identify and fix them before they can impact customers.

When security issues are detected, we support teams with their response to minimize the impact to customers while determining what can be done to prevent the issue from happening again. In addition to diving deep with individual services, we also own security efforts that raise the security bar across a broad range of services.

• Bachelor’s degree in Computer Science, Computer Engineering, Cybersecurity, or other related discipline.
• Experience operating as a software developer on highly scaled distributed systems.
• Experience in security engineering and network technologies (PCAP, Netflow), operating systems and network security, common attack patterns and exploitation techniques.
• Experience with security operations, incident response, threat hunting, and assurance methodologies.
• Practical knowledge of system security analysis techniques such as threat modeling and attack graphs.
• Expertise in writing run‑books, conducting complexity analysis, executing vulnerability scans, and reviewing vulnerability assessment reports.
• 5+ years of software development or security engineering experience.

• Experience effectively communicating complex concepts through written and verbal communication.
• Masters or PhD in Computer Science or related field.
• Experience on a Red Team or implementing proactive security practices in a professional setting.
• Experience leading large‑scale security projects.
• Sharp analytical abilities and proven system design skills.
• Ability to accomplish stretch goals in a highly innovative and fast‑paced environment.
• Excellent leadership, teamwork, and collaboration skills.
• Strong sense of ownership and drive.

The base salary range for this position is $ to $ USD annually. Your Amazon package will include sign‑on payments and restricted stock units (RSUs). Final compensation will be determined based on factors including experience,…