Senior Security Engineer, AWS Marketplace , AWS Marketplace

Amazon

Seattle, WA

JOB DETAILS
SKILLS
Amazon Web Services (AWS), Applications Security, Automation, C Programming Language, C++ Programming Language, Campaigns, Cloud Computing, Code Reviews, Command Line, Computer Security, Consulting, Identify Issues, Independent Software Vendor (ISV), Inside Sales, Java, Machine Tool, Market Entry Strategy, Mentoring, Microservices, Microsoft Active Server Page (ASP), Programming Languages, Python Programming/Scripting Language, Recruiting Strategy, Risk Analysis, Risk Management, Sales, Scala Programming Language, Scripting (Scripting Languages), Security Attacks, Service-Oriented Architecture (fka Distributed Object Architecture), Software Engineering, Software as a Service (SaaS), Startup, Systems Analysis, Team Lead/Manager, Team Player, Technical Leadership, Threat Modeling, Vulnerability Scanners, Web Services
LOCATION
Seattle, WA
POSTED
27 days ago
Description Application deadline: Jun 25, 2026 This position is part of the AWS Specialist and Partner Organization (ASP). Specialists own the end-to-end go-to-market strategy for their respective technology domains, providing the business and technical expertise to help our customers succeed. Partner teams own the strategy, recruiting, development, and growth of our key technology and consulting partners. Together they provide our customers with the expertise and scale needed to build innovative solutions for their most complex challenges. AWS Marketplace within ASP is a curated digital catalog where customers find, buy, deploy, and manage third-party software, data, and services to build solutions and run their businesses. Every listing represents a trust relationship between AWS, an independent software vendor, and the customer - and security is what makes that trust possible. We're looking for a Senior Security Engineer to own security for the third-party (3P) catalog. You'll set the bar for how 3P software is vetted, monitored, and protected across its lifecycle on Marketplace, and dive deep into emerging threat vectors to protect our customers. You'll also partner closely with our Application Security and Engineering teams to ensure the features we build on AWS Marketplace meet AWS's high security bar and continue to protect our customers. This role has high visibility, broad scope, and direct impact on millions of AWS customers. Key job responsibilities - Own the security strategy for the AWS Marketplace 3P catalog, including ingestion, scanning, vulnerability management, and ongoing posture monitoring of seller-provided artifacts (AMIs, containers, SaaS, data products, ML models). - Identify systemic risks across the catalog and lead remediation campaigns that span multiple teams and orgs. - Investigate and respond to security findings, vulnerabilities, and incidents involving Marketplace services and 3P content. - Partner with AppSec to drive threat modeling, secure design reviews, and code reviews for Marketplace services. - Define and raise security standards for sellers and Marketplace internal teams. Influence policy, tooling, and automation so the security bar rises without slowing the business down. - Mentor engineers across the org on secure development practices, cloud security, and threat modeling. - Represent Marketplace security in cross-AWS forums, working with AWS Security, service teams, and partner orgs. About the team Diverse Experiences AWS values diverse experiences. Even if you do not meet all of the preferred qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn't followed a traditional path, or includes alternative experiences, don't let it stop you from applying. Why AWS? Amazon Web Services (AWS) is the world's most comprehensive and broadly adopted cloud platform. We pioneered cloud computing and never stopped innovating - that's why customers from the most successful startups to Global 500 companies trust our robust suite of products and services to power their businesses. Inclusive Team Culture AWS values curiosity and connection. Our employee-led and company-sponsored affinity groups promote inclusion and empower our people to take pride in what makes us unique. Our inclusion events foster stronger, more collaborative teams. Our continual innovation is fueled by the bold ideas, fresh perspectives, and passionate voices our teams bring to everything we do. Mentorship & Career Growth We're continuously raising our performance bar as we strive to become Earth's Best Employer. That's why you'll find endless knowledge-sharing, mentorship and other career-advancing resources here to help you develop into a better-rounded professional. Work/Life Balance We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why we strive for flexibility as part of our working culture. When we feel supported in the workplace and at home, there's nothing we can't achieve. Basic Qualifications - 4+ years of non-internship background in troubleshooting systems issues, analyzing logs, or automating complex tasks using command line tools experience - 5+ years of work in identifying security issues and risks, and developing mitigation plans experience - 4+ years of (non-internship) scripting, programming, and security code review in common programming languages experience - Knowledge of at least two of the following programming languages: Scala, Java, Python, C/C++, or Go - Experience working in identifying security issues and risks, and developing mitigation plans Preferred Qualifications - Experience applying threat modeling or other risk identification techniques or equivalent - Experience with security in service-oriented architectures/microservices and web services - Experience as a mentor, tech lead or leading an engineering team - Experience (non-internship) in industry-based security vulnerabilities identification, attack patterns, and remediation techniques - Experience (non-internship) in troubleshooting systems issues, analyzing logs, or automating complex tasks using command line tools - Experience (non-internship) in scripting, programming, and security code reviewing in a common programming language Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status, disability, or other legally protected status. Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit https://amazon.jobs/content/en/how-we-hire/accommodations for more information. If the country/region you're applying in isn't listed, please contact your Recruiting Partner. The base salary range for this position is listed below. Your Amazon package will include sign-on payments and restricted stock units (RSUs). Final compensation will be determined based on factors including experience, qualifications, and location. Amazon also offers comprehensive benefits including health insurance (medical, dental, vision, prescription, Basic Life & AD&D insurance and option for Supplemental life plans, EAP, Mental Health Support, Medical Advice Line, Flexible Spending Accounts, Adoption and Surrogacy Reimbursement coverage), 401(k) matching, paid time off, and parental leave. Learn more about our benefits at https://amazon.jobs/en/benefits . USA, CO, Denver - 178,400.00 - 226,700.00 USD annually USA, WA, Seattle - 178,400.00 - 226,700.00 USD annually

About the Company

A

Amazon

At Amazon, we don’t wait for the next big idea to present itself. We envision the shape of impossible things and then we boldly make them reality. So far, this mindset has helped us achieve some incredible things. Let’s build new systems, challenge the status quo, and design the world we want to live in. We believe the work you do here will be the best work of your life.

Wherever you are in your career exploration, Amazon likely has an opportunity for you. Our research scientists and engineers shape the future of natural language understanding with Alexa. Fulfillment center associates around the globe send customer orders from our warehouses to doorsteps. Product managers set feature requirements, strategy, and marketing messages for brand new customer experiences. And as we grow, we’ll add jobs that haven’t been invented yet.

It’s Always Day 1
At Amazon, it’s always “Day 1.” Now, what does this mean and why does it matter? It means that our approach remains the same as it was on Amazon’s very first day – to make smart, fast decisions, stay nimble, invent, and stay focused on delighting our customers. In our 2016 shareholder letter, Amazon CEO Jeff Bezos shared his thoughts on how to keep up a Day 1 company mindset. “Staying in Day 1 requires you to experiment patiently, accept failures, plant seeds, protect saplings, and double down when you see customer delight,” he wrote. “A customer-obsessed culture best creates the conditions where all of that can happen.” You can read the full letter here

Our Leadership Principles
Our Leadership Principles help us keep a Day 1 mentality. They aren’t just a pretty inspirational wall hanging. Amazonians use them, every day, whether they’re discussing ideas for new projects, deciding on the best solution for a customer’s problem, or interviewing candidates. To read through our Leadership Principles from Customer Obsession to Bias for Action, visit https://www.amazon.jobs/principles
COMPANY SIZE
10,000 employees or more
INDUSTRY
Other/Not Classified
FOUNDED
1994
WEBSITE
http://Amazon.com/militaryroles