Security & Compliance Engineer I, AWS Security Assurance Services, LLC

AWS Security Assurance Services (SAS) is hiring an Associate Security & Compliance Engineer to help build and operate AWS security and compliance solutions for highly regulated customers. You will execute your team's security processes, contribute to runbooks and tooling, write and review code and Infrastructure-as-Code, and help ship secure-by-design implementations aligned to compliance frameworks (SOC2, HIPAA, PCI-DSS, CIS, NIST, FedRAMP).

You'll work on well-defined security problems with regular checkpoints from your team, learn from peer review, and grow your skills in secure design, threat modeling, and AWS security engineering. You will be a reliable contributor on customer engagements and a strong security advocate within your team.

Key job responsibilities

• Implement custom security controls, enforcements, detections, and automated remediations
• Contribute to Infrastructure-as-Code modules for Landing Zones, AWS Control Tower customizations, and security baselines using Terraform, AWS CDK, or CloudFormation.
• Write Python and policy-as-code (cfn-guard, OPA Rego, Cedar) to extend preventive and detective controls.
• Participate in code, IaC, and design reviews; provide constructive feedback
• Contribute to POCs on emerging technologies; implement components, run experiments, and document findings so the team can build on the results.
• Implement continuous compliance monitoring checks, evidence collection automations, and reporting dashboards.
• Help identify, confirm and document risks and mitigations during design and implementation stages of customer engagements.
• Apply common risk trade-offs (e.g., tactical compensating controls vs. addressing root causes) under guidance.
• Contribute to runbooks, tools, and other security mechanisms used by the team and customers.
• Participate in operational support; help ensure root causes of operational and security issues are identified and resolved.
• Follow established procedures to diagnose problems, and escalate appropriately when blocked.
• Communicate security risk for low-complexity problems clearly in writing and verbally to your team and direct leadership.
• Solicit differing views and learn from peer feedback.
• Travel to customer sites as needed.

About the team

The AWS Security Assurance Services team, within AWS Support, leverages the expertise and ingenuity of our builders to establish scalable security solutions for both internal and external customers that drive business outcomes. Our goal of securing the world's workloads requires reliable delivery of bar-raising security outcomes and investment in security mechanisms and automation on behalf of our customers.

AWS Security Assurance Services LLC, a PCI-QSAC and HITRUST External Assessor Firm, is a team of industry-certified assessors and Compliance Engineers with DevOps and Cloud Infrastructure Architect backgrounds, helping our customers achieve, maintain, and automate compliance in the cloud by tying applicable audit standards to AWS service-specific features and functionality. The SAS team works with our largest enterprise customers to operationalize the shared responsibility model as they migrate to the cloud.