Security Engineer, Amazon Application Security - Amazon.com

Key Responsibilities

• Design, implement, and maintain secure application architectures across Amazon’s cloud and on‑prem environments.
• Conduct threat modeling, risk assessments, and security reviews for new and existing services.
• Integrate security controls into CI/CD pipelines, ensuring automated compliance and vulnerability remediation.
• Collaborate with product, infrastructure, and operations teams to embed security best practices throughout the development lifecycle.
• Investigate and respond to security incidents, providing root‑cause analysis and mitigation recommendations.

Requirements

• 5+ years of experience in application security, with deep knowledge of secure coding, threat modeling, and vulnerability management.
• Proficiency with AWS security services (IAM, KMS, GuardDuty, Security Hub) and DevSecOps tooling.
• Strong scripting skills (Python, Bash) and familiarity with CI/CD platforms (Jenkins, GitHub Actions, CodePipeline).
• Excellent communication skills and ability to influence cross‑functional teams.
• Relevant certifications (CISSP, CEH, AWS Security Specialty) are a plus.