Senior Security & Compliance Engineer , AWS Security Assurance Services

Amazon

Seattle, WA

Apply

JOB DETAILS

SKILLS

AWS Lambda, Amazon Web Services (AWS), Application Programming Interface (API), Artificial Intelligence (AI), Authentication, Automation, Blog, Business Operations, C Programming Language, C++ Programming Language, C-Level Management, Cloud Architecture, Cloud Computing, Code Reviews, Coding Standards, Communication Skills, Computer Programming, Computer Security, Content Development, Continuous Deployment/Delivery, Continuous Integration, Corporate Policies, Cryptography, Customer Support/Service, DevOps, Federal Laws and Regulations, Identify Issues, Incident Response, Internet Security, Java, Large-Scale Systems, Linux Networks, MCP - Microsoft Certified Professional, Maintain Compliance, Mentoring, Messaging Middleware, Network Performance/Analysis, Organizational Development/Management, PCI, Programming Languages, Protective Services, Prototyping, Python Programming/Scripting Language, Risk, Risk Analysis, Risk Management, Root Cause Analysis, Sales Prospecting, Sales Strategy, Scala Programming Language, Scripting (Scripting Languages), Security Analysis, Security Architecture, Security Design, Software Development Lifecycle (SDLC), Software Engineering, Source Code/Configuration Management (SCM), State Laws and Regulations, Systems Administration/Management, Systems Engineering, Team Lead/Manager, Technical Leadership, Technical Writing, Testing, Threat Modeling, White Papers, Willing to Travel

LOCATION

Seattle, WA

POSTED

14 days ago

Description AWS Security Assurance Services (SAS) is hiring a Senior Security & Compliance Engineer to innovate on behalf of customers and lead prototyping and development of the security and compliance solutions. The right candidate will own security risk identification, mitigation, and engineering outcomes that span beyond a single team: designing controls, writing code, leading reviews, automating remediations, and translating compliance frameworks into secure-by-default implementations on AWS. They will lead design, deployment, and implementation of complex AWS security and compliance solutions that accomplish defined business and security outcomes, solving for new levels of scale, complexity, and performance. Key job responsibilities Engineer AI-enabled automations, lead threat modeling, security design reviews, architecture reviews & security assessments Own design and architecture choices for security and compliance automation solutions for regulated customers and influence partner-org designs. Build secure-by-default IaC modules for Landing Zones, Control Tower customizations, Zero-Trust architectures, and AI/ML workloads. Lead the design, deployment, and implementation of AWS security controls, continuous compliance monitoring, technical control validation, visualization and reporting, automated evidence collection and remediation of insecure configurations at scale. Architect custom preventive, detective, and proactive controls, e.g. service-Control- policies, Resource-Control Policies (SCPs and RCPs), policy-as-code (cfn-guard, OPA Rego, Cedar), and automated remediation workflows. Set the bar for authentication and authorization, data handling, least privilege, encryption, micro-segmentation, tagging strategy, integrations via API and MCP, and secure AI agentic design. Write and review architecture, code, scripts, IaC, including Python, Terraform, AWS CDK, CloudFormation, REGO). Lead alignment, resolve escalations, troubleshooting, and root-cause analysis to closure with peers, senior managers, and principal engineers. Lead the development of technical content: sample code, blog posts, workshops, reference architectures, whitepapers. Communicate security risk and design decisions clearly verbally and in writing to technical, non-technical, and C-level audiences. Identify and shape sales opportunities; provide input to AWS service-team roadmaps and SAS offering strategy. Travel to customer sites as needed. About the team The Security Assurance Services team, a part of Amazon Web Services, leverages the expertise and ingenuity of our builders to establish scalable security solutions for both internal and external customers that drive business outcomes. Our goal of securing the world's workloads and building a brighter future for humanity requires us to focus on reliable delivery of bar raising security outcomes and investment in security mechanisms and automation on behalf of our customers. AWS Security Assurance Services LLC, a PCI-QSAC and HITRUST External Assessor Firm, is a team of industry certified assessors, Security & Compliance Engineers with DevOps and Cloud Infrastructure Architect backgrounds, helping our customers achieve, maintain, and automate security & compliance in the cloud. Basic Qualifications - 5+ years of work in identifying security issues and risks, and developing mitigation plans experience - 5+ years of (non-internship) scripting, programming, and security code review in common programming languages experience - Knowledge of at least two of the following programming languages: Scala, Java, Python, C/C++, or Go - Experience (non-internship) in scripting, programming, and security code reviewing in a common programming language - Experience (non-internship) in industry-based security vulnerabilities identification, attack patterns, and remediation techniques - Experience as a mentor, tech lead or leading an engineering team - Experience in Cyber Security and in at least one relevant technical area: large-scale systems engineering, queuing and messaging, Linux networking, performance analysis, software-defined networking - Experience in the full secure software development life cycle, including coding standards, code reviews, source control management, build processes, testing, and operations Preferred Qualifications - Custom controls development, SCPs and RCPs. - Experience writing and deploying reusable policy-as-code (cfn-guard, OPA Rego, Cedar, or equivalent). - Hands-on expertise with the AWS Security Reference Architecture, AWS Organizations multi-account strategy, Well-Architected Framework, CI/CD at enterprise scale. - Expert-level knowledge of AWS security and governance services: Config, GuardDuty, Security Hub, Control Tower, Systems Manager, KMS, IAM, VPC, Lambda, CloudTrail, CloudWatch, EventBridge. - Hands-on technical experience in incident response technology, security, automation, implementation, integration, and/or deployment - Spec-driven development; AI agentic design and Model Context Protocol (MCP) experience. - AWS certifications: Solutions Architect Professional and Security Specialty strongly preferred; additional specialty certifications a plus. - Experience producing audit-ready evidence and working with third-party assessors. Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status, disability, or other legally protected status. Los Angeles County applicants: Job duties for this position include: work safely and cooperatively with other employees, supervisors, and staff; adhere to standards of excellence despite stressful conditions; communicate effectively and respectfully with employees, supervisors, and staff to ensure exceptional customer service; and follow all federal, state, and local laws and Company policies. Criminal history may have a direct, adverse, and negative relationship with some of the material job duties of this position. These include the duties and responsibilities listed above, as well as the abilities to adhere to company policies, exercise sound judgment, effectively manage stress and work safely and respectfully with others, exhibit trustworthiness and professionalism, and safeguard business operations and the Company's reputation. Pursuant to the Los Angeles County Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records. Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records. Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit https://amazon.jobs/content/en/how-we-hire/accommodations for more information. If the country/region you're applying in isn't listed, please contact your Recruiting Partner. The base salary range for this position is listed below. Your Amazon package will include sign-on payments and restricted stock units (RSUs). Final compensation will be determined based on factors including experience, qualifications, and location. Amazon also offers comprehensive benefits including health insurance (medical, dental, vision, prescription, Basic Life & AD&D insurance and option for Supplemental life plans, EAP, Mental Health Support, Medical Advice Line, Flexible Spending Accounts, Adoption and Surrogacy Reimbursement coverage), 401(k) matching, paid time off, and parental leave. Learn more about our benefits at https://amazon.jobs/en/benefits . USA, CA, San Francisco - 183,000.00 - 247,600.00 USD annually USA, TN, Nashville - 151,200.00 - 204,600.00 USD annually USA, TX, Austin - 178,400.00 - 226,700.00 USD annually USA, TX, Dallas - 178,400.00 - 226,700.00 USD annually USA, TX, Houston - 178,400.00 - 226,700.00 USD annually USA, VA, Arlington - 178,400.00 - 226,700.00 USD annually USA, VA, Herndon - 178,400.00 - 226,700.00 USD annually USA, WA, Seattle - 178,400.00 - 226,700.00 USD annually

About the Company

Amazon

At Amazon, we don’t wait for the next big idea to present itself. We envision the shape of impossible things and then we boldly make them reality. So far, this mindset has helped us achieve some incredible things. Let’s build new systems, challenge the status quo, and design the world we want to live in. We believe the work you do here will be the best work of your life.

Wherever you are in your career exploration, Amazon likely has an opportunity for you. Our research scientists and engineers shape the future of natural language understanding with Alexa. Fulfillment center associates around the globe send customer orders from our warehouses to doorsteps. Product managers set feature requirements, strategy, and marketing messages for brand new customer experiences. And as we grow, we’ll add jobs that haven’t been invented yet.

It’s Always Day 1
At Amazon, it’s always “Day 1.” Now, what does this mean and why does it matter? It means that our approach remains the same as it was on Amazon’s very first day – to make smart, fast decisions, stay nimble, invent, and stay focused on delighting our customers. In our 2016 shareholder letter, Amazon CEO Jeff Bezos shared his thoughts on how to keep up a Day 1 company mindset. “Staying in Day 1 requires you to experiment patiently, accept failures, plant seeds, protect saplings, and double down when you see customer delight,” he wrote. “A customer-obsessed culture best creates the conditions where all of that can happen.” You can read the full letter here

Our Leadership Principles
Our Leadership Principles help us keep a Day 1 mentality. They aren’t just a pretty inspirational wall hanging. Amazonians use them, every day, whether they’re discussing ideas for new projects, deciding on the best solution for a customer’s problem, or interviewing candidates. To read through our Leadership Principles from Customer Obsession to Bias for Action, visit https://www.amazon.jobs/principles

COMPANY SIZE

10,000 employees or more

INDUSTRY

Other/Not Classified

FOUNDED

1994

WEBSITE

http://Amazon.com/militaryroles

Resume Resources

Free Resume Templates Free Resume Builder