Security Engineer II, AWS Cloud Security Response

DescriptionThe AWS Cloud Security Response team operates on the ‘AWS’ side of the Shared Responsibility Model, protecting our customers by ensuring the security of AWS Cloud services. Our engineers independently investigate and resolve security issues across 200+ AWS products, working hands-on with service code, security data, and cloud infrastructure at massive scale.This role goes beyond coordination. You will apply security judgment to drive outcomes, close security gaps through code, and build automation that scales how we respond to security issues. You will think strategically, identifying patterns that point to systemic risks and driving proactive solutions before issues recur.We are looking for security professionals who bring deep technical curiosity and the judgment to operate autonomously in a fast-paced, ambiguous environment. You will leverage the latest technology and tools to augment your capabilities, and you will partner closely with engineering teams to achieve security outcomes.Successful Candidates Should Exercise independent security judgment to assess risk, form informed opinions on severity, and drive engineering teams toward the right outcomes. Take a hands-on investigative approach to security issues, building deep technical understanding of risk and customer impact. Be technically proficient across security domains including network and operating system security, cryptography, software security, and incident response. Communicate complex security issues clearly to both technical and non-technical audiences at all levels. Challenge flawed analysis and escalate to senior leadership to ensure the best outcome for customers, even against consensus. Work effectively in AI-augmented workflows, using generative AI tools to accelerate security work. Mentor and coach junior engineers on security practices and professional growth. Drive security outcomes across organizational boundaries, partnering effectively with service teams and peer security teams.An ideal candidate should be able to conduct most of the following: Close security gaps through code, working alongside service teams to develop and validate remediations. Navigate complex IAM and access control issues with confidence and technical depth. Build automation that improves how the team operates at scale. Think proactively, identifying systemic security themes and driving solutions that prevent classes of issues. Engage with cloud services at the architectural level, understanding how they work in order to assess and address risk.Key job responsibilities Identify recurring security patterns across AWS services and drive proactive solutions that address root causes and prevent classes of issues. Build automation to scale incident response procedures, improving efficiency and reducing manual effort across the team’s global operations. Own and drive security issues from identification through resolution, bringing informed risk assessments and security judgment to every engagement with service teams. Independently reproduce and validate reported security issues to develop a deep understanding of the vulnerability, its exploitability, and its potential customer impact. Investigate and analyze security data across multiple sources to scope the impact of security issues and inform remediation priorities. Develop and validate remediations through hands-on code engagement, partnering with service teams to close security issues through code. Communicate the state of security issues to technical and non-technical audiences at all levels of seniority, up to and including the AWS Chief Information Security Officer. Escalate when the pace of resolution does not match the impact to customers.A day in the lifeAs part of our follow-the-sun rotation, you will receive a handoff from global peers and take ownership of security issues presently in-flight. The issues could relate to any of our 200+ AWS products, so you will often need to learn on-the-fly.Your first task may be to reproduce a newly reported vulnerability, working through service code and infrastructure to confirm the issue and assess the real-world risk. From there, you will analyze security data to understand whether customers have been impacted and determine the scope. You will engage service team engineers with a clear explanation of the issue, your reproduction details, and your recommended path forward.As the day progresses, new issues will be assigned to you based on workload. You will triage them, determine their level of impact, and work toward resolution at the appropriate pace. For some issues, you will develop code-level remediations or build automation to address the problem at scale. Throughout the day, you will balance driving individual issues with identifying patterns across your caseload that point to systemic security gaps.At the end of the day, you will document your work to allow the incoming shift to continue driving issues to resolution.About The TeamCloud Response is a team within AWS Security Operations. This team is broadly responsible for the ‘AWS’ side of the Shared Responsibility Model, providing oversight of security issues from identification through resolution. Cloud Response operates follow-the-sun with teams based in four geographical locations.We are evolving toward a model where our engineers are hands-on technical investigators who drive security outcomes through code, automation, and deep understanding of AWS services. We work with AWS service teams to ensure security issues are resolved with the right level of urgency while keeping stakeholders informed throughout the issue lifecycle.Diverse ExperiencesAmazon Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.Why Amazon Security?At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon’s products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.Inclusive Team CultureIn Amazon Security, it’s in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.Training & Career GrowthWe’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.Work/Life BalanceWe value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why flexible work hours and arrangements are part of our culture. When we feel supported in the workplace and at home, there’s nothing we can’t achieve.Basic Qualifications 3+ years of scripting, programming, and security code review in a common programming language (non-internship) experience Bachelor's degree in a STEM field (Science, Technology, Engineering, Mathematics), or 2+ years of IT Security experience Experience as a mentor, tech lead or leading an engineering team Experience collaborating and influencing multiple teams across multiple organizations Experience with cloud services, cloud infrastructure, or cloud security concepts. 4+ years of experience in information security, security operations, or security engineering.Preferred Qualifications Experience developing code-level fixes or security patches for production cloud services. Deep understanding of IAM policies, roles, service principals, and access control mechanisms. Experience building automation to scale security operations or incident response processes. Experience with proactive security engineering such as identifying systemic patterns, building feedback loops, or driving shift-left security initiatives. Experience with AWS services and infrastructure at the code or architecture level. 2+ years of working with Data & AI related technologies, including, but not limited to, AI/ML, GenAI, Analytics, Database, and/or Storage experience.Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status, disability, or other legally protected status.Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit https://amazon.jobs/content/en/how-we-hire/accommodations for more information. If the country/region you’re applying in isn’t listed, please contact your Recruiting Partner.The base salary range for this position is listed below. Your Amazon package will include sign-on payments and restricted stock units (RSUs). Final compensation will be determined based on factors including experience, qualifications, and location. Amazon also offers comprehensive benefits including health insurance (medical, dental, vision, prescription, Basic Life & AD&D insurance and option for Supplemental life plans, EAP, Mental Health Support, Medical Advice Line, Flexible Spending Accounts, Adoption and Surrogacy Reimbursement coverage), 401(k) matching, paid time off, and parental leave. Learn more about our benefits at https://amazon.jobs/en/benefits.USA, WA, Seattle - 159,300.00 - 202,400.00 USD annuallyCompany - Amazon.com Services LLCJob ID: A10430725