Description
- 6+ years of experience in two or more of the following security domains categories: Pentesting, Red Teaming, Security Architecture, Data Analytics, SDLC, or Application Security
- 6+ years of experience running offensive security or deep dive campaigns in large, complex organizations
- 5+ years of experience performing penetration testing
- 3+ years of experience with AWS technologies and services
- Demonstrated proficiency with Python, C/C++, Lua, Golang, or Rust. Ability to prepare technical specifications and executive-ready communications
- Experience as a software or devops engineer, or security engineer, working with developer teams that delivered commercial software or services
- Threat modeling experience and knowledge of AWS Cloud Security principles
- Threat hunting and/or detection engineering and experience in automation and orchestration (Chef, Puppet, Ansible, etc)
- GIAC Defensible Security Architecture (GDSA), OSCP, OSCE3, OSWE, or similar
- Published CVEs, offensive tools, or articles
Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit https://www.amazon.jobs/en/disability/us.
Our compensation reflects the cost of labor across several US geographic markets. The base pay for this position ranges from $143,300/year in our lowest geographic market up to $247,600/year in our highest geographic market. Pay is based on a number of factors including market location and may vary depending on job-related knowledge, skills, and experience. Amazon is a total compensation company. Dependent on the position offered, equity, sign-on payments, and other forms of compensation may be provided as part of a total compensation package, in addition to a full range of medical, financial, and/or other benefits. For more information, please visit https://www.aboutamazon.com/workplace/employee-benefits. This position will remain posted until filled. Applicants should apply via our internal or external career site.
We are open to hiring candidates to work out of one of the following locations:
Seattle, WA, USA
At Amazon, we are laser-focused on earning and maintaining customer trust. The Corporate Services Security team (CPSS) protects critical business services that our employees use to deliver the best products and services on planet earth.
Our Large-Scale Risk Reduction team (LSR) is looking for an innovative and impact-driven senior security engineer who has a strong passion for security at scale. This team is responsible for identifying large-scale risk within corporate services and integrations across the corporate services space, both first-party and third-party. This team secures the business by identifying and uncovering systemic risk, prioritizing scalable solutions, and driving mitigation efforts that lead to lasting and large-scale change across the company.
A senior security engineer in this role will operate across multiple Amazon Security teams and will leverage their diverse and deep expertise to drive strategic risk reduction with business leaders at the highest levels. They will identify opportunities to effectively scale our portfolio in order to meet the diverse needs of our customers. They will bring unique and creative insight into how we identify and drive risk reduction across the business. They work smarter and connect experts across disciplines to develop solutions that would otherwise not be feasible.
A person in this role must show exemplary judgment in making trade-offs between short-term fixes and long-term security and business goals. They think big and deliver impact. They must also demonstrate resilience and navigate ambiguous situations with composure and tact. Above all else, earning and maintaining trust along with a strong sense of customer obsession is necessary to achieve the ultimate goal of keeping Amazon and its customers secure.
Key job responsibilities
- Develop and deliver hunting campaigns to discover systemic risk plaguing the organization
- Write compelling narratives for stakeholders to consume and understand risk and impact
- Write crisp executive summaries for presentation to stakeholders and executives
- Develop innovative accelerators, tools, and mechanisms to improve the team’s velocity and quality
- Facilitate forums with principal engineers to drive consensus on appropriate solutions
- Demonstrate creativity, insight, intellectual flexibility, and sound risk judgment
- Work independently, but collaborate with cross-functional teams to produce broad impact and exceptional results
- Be a multiplier and operate with humility while being right, a lot
A day in the life
The Corporate Services Security (CPSS) Large-Scale Risk Reduction (LSR) team is responsible for performing deep analysis, identifying systemic risk, proposing scalable solutions, driving mitigation campaigns, and establishing secure third-party vendor data sharing relationships. The team works to identify, track, monitor, mitigate, and report on large-scale security risk reduction efforts. Through adoption of security controls that scale, and the assessment of internal services and third-party vendors, we are able to ensure Amazon's high security bar is exceeded.
The CPSS Large-Scale Risk Reduction team mission is to provide assurance by identifying and reducing risk through proactive assessment, monitoring, and mitigation.
About the team
Diverse Experiences
Amazon Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.
Why Amazon Security?
At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon’s products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.
Inclusive Team Culture
In Amazon Security, it’s in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.
Training & Career Growth
We’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.
Work/Life Balance
We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why flexible work hours and arrangements are part of our culture. When we feel supported in the workplace and at home, there’s nothing we can’t achieve.
- 6+ years of experience running offensive security or deep dive campaigns in large, complex organizations
- 5+ years of experience performing penetration testing
- 3+ years of experience with AWS technologies and services
- Demonstrated proficiency with Python, C/C++, Lua, Golang, or Rust. Ability to prepare technical specifications and executive-ready communications
- Experience as a software or devops engineer, or security engineer, working with developer teams that delivered commercial software or services
- Threat modeling experience and knowledge of AWS Cloud Security principles
- Threat hunting and/or detection engineering and experience in automation and orchestration (Chef, Puppet, Ansible, etc)
- GIAC Defensible Security Architecture (GDSA), OSCP, OSCE3, OSWE, or similar
- Published CVEs, offensive tools, or articles
Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit https://www.amazon.jobs/en/disability/us.
Our compensation reflects the cost of labor across several US geographic markets. The base pay for this position ranges from $143,300/year in our lowest geographic market up to $247,600/year in our highest geographic market. Pay is based on a number of factors including market location and may vary depending on job-related knowledge, skills, and experience. Amazon is a total compensation company. Dependent on the position offered, equity, sign-on payments, and other forms of compensation may be provided as part of a total compensation package, in addition to a full range of medical, financial, and/or other benefits. For more information, please visit https://www.aboutamazon.com/workplace/employee-benefits. This position will remain posted until filled. Applicants should apply via our internal or external career site.
We are open to hiring candidates to work out of one of the following locations:
Seattle, WA, USA
At Amazon, we are laser-focused on earning and maintaining customer trust. The Corporate Services Security team (CPSS) protects critical business services that our employees use to deliver the best products and services on planet earth.
Our Large-Scale Risk Reduction team (LSR) is looking for an innovative and impact-driven senior security engineer who has a strong passion for security at scale. This team is responsible for identifying large-scale risk within corporate services and integrations across the corporate services space, both first-party and third-party. This team secures the business by identifying and uncovering systemic risk, prioritizing scalable solutions, and driving mitigation efforts that lead to lasting and large-scale change across the company.
A senior security engineer in this role will operate across multiple Amazon Security teams and will leverage their diverse and deep expertise to drive strategic risk reduction with business leaders at the highest levels. They will identify opportunities to effectively scale our portfolio in order to meet the diverse needs of our customers. They will bring unique and creative insight into how we identify and drive risk reduction across the business. They work smarter and connect experts across disciplines to develop solutions that would otherwise not be feasible.
A person in this role must show exemplary judgment in making trade-offs between short-term fixes and long-term security and business goals. They think big and deliver impact. They must also demonstrate resilience and navigate ambiguous situations with composure and tact. Above all else, earning and maintaining trust along with a strong sense of customer obsession is necessary to achieve the ultimate goal of keeping Amazon and its customers secure.
Key job responsibilities
- Develop and deliver hunting campaigns to discover systemic risk plaguing the organization
- Write compelling narratives for stakeholders to consume and understand risk and impact
- Write crisp executive summaries for presentation to stakeholders and executives
- Develop innovative accelerators, tools, and mechanisms to improve the team’s velocity and quality
- Facilitate forums with principal engineers to drive consensus on appropriate solutions
- Demonstrate creativity, insight, intellectual flexibility, and sound risk judgment
- Work independently, but collaborate with cross-functional teams to produce broad impact and exceptional results
- Be a multiplier and operate with humility while being right, a lot
A day in the life
The Corporate Services Security (CPSS) Large-Scale Risk Reduction (LSR) team is responsible for performing deep analysis, identifying systemic risk, proposing scalable solutions, driving mitigation campaigns, and establishing secure third-party vendor data sharing relationships. The team works to identify, track, monitor, mitigate, and report on large-scale security risk reduction efforts. Through adoption of security controls that scale, and the assessment of internal services and third-party vendors, we are able to ensure Amazon's high security bar is exceeded.
The CPSS Large-Scale Risk Reduction team mission is to provide assurance by identifying and reducing risk through proactive assessment, monitoring, and mitigation.
About the team
Diverse Experiences
Amazon Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.
Why Amazon Security?
At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon’s products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.
Inclusive Team Culture
In Amazon Security, it’s in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.
Training & Career Growth
We’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.
Work/Life Balance
We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why flexible work hours and arrangements are part of our culture. When we feel supported in the workplace and at home, there’s nothing we can’t achieve.
Other Jobs from Amazon
Innovation and Design Engineer, Worldwide Design Engineering
Bellevue, WA
US
Data Center Project Manager, US-East 2 CPI
Chantilly, VA
US
Data Center Engineering Operations Area Manager
Phoenix, AZ
US
Software Development Engineer, Artificial General Intelligence
Toronto, Ontario
Ontario, CA
Senior Software Development Engineer, AWS Config
Seattle, WA
US
There are more than 50,000 engineering jobs:
Subscribe to membership and unlock all jobs
Engineering Jobs
60,000+ jobs from 4,500+ well-funded companies
Updated Daily
New jobs are added every day as companies post them
Refined Search
Use filters like skill, location, etc to narrow results
Become a member
🥳🥳🥳 389 happy customers and counting...
Overall, over 80% of customers chose to renew their subscriptions after the initial sign-up.
To try it out
For active job seekers
For those who are passive looking
Cancel anytime
Frequently Asked Questions
- We prioritize job seekers as our customers, unlike bigger job sites, by charging a small fee to provide them with curated access to the best companies and up-to-date jobs. This focus allows us to deliver a more personalized and effective job search experience.
- Salaries for the engineering jobs on our site range from $100K-$200K. On average, senior engineer positions on our EchoJobs are about $160K.
- The EchoJobs positions have been sourced and vetted from the top companies to work for in the US as a software engineer, including LinkedIn and other reputable job sites. We also have syndicated jobs from companies that have just raised funding, as well as those that have great unique products and culture. From all of these sources, our founder, Morgan, has also resourced the company's authenticity in terms of their website, public appearance, and more.
- Yes, our users asked us for just this, so now our search filters allow you to search for your top jobs via location, as well as by onsite, remote, or both. Approximately 30% of our jobs are remote, so you’ve got the best options for you!
- We have not yet implemented this option, but are considering doing so in the future. For the moment, you would need to cancel your subscription, and resubscribe when you wanted to come back.
- We add new jobs to EchoJobs every day! We scan our sources for the newest jobs, verify them, and post them to EchoJobs within minutes. We add about 2,000-3,000 new jobs for you each day!
- From starting your job search to getting hired, the entire job search process can take us software engineers anywhere between 3-6 months. However, at EchoJobs, we’re striving to shorten this duration by finding the best, newest jobs for you, so you can do less job searching, and more applying.
- We’d recommend checking EchoJobs daily, as we add new jobs to the site each day. Additionally, if you got a chance to read our previous email on “what makes EchoJobs different from any other job search tools,” we also recommended that you set a job alert based on your job filters, so if you get emails on those new jobs, you could be checking more than once per day.
- If you decide to continue with us after the 1-month trial, we definitely recommend this, as we all know it usually takes 3-6 months to find a quality job as a software engineer these days. So to best support you, we just adjusted our membership options at EchoJobs to monthly, 3 months, or 12 months (this option is more for passive job seekers looking a little bit for the future if they want to come back to work or make a job switch potentially. This lets you see what’s out there in case an even better fit job becomes available.)
- EchoJobs is truly the only job site of its kind. We want to be THE spot for you to find the best job for you, and haven’t encountered any other company doing this. Other job sites are in niches besides software engineering or focus on a small portion of engineering jobs (like a specific coding language). In the words of Morgan, our founder, “I think what makes EchoJobs different is the amount of jobs, frequency that we add new jobs (we add 2,000-3,000 new jobs daily!), and the powerful search engines to find exactly the job you want more easily and efficiently. We can provide you with the most jobs that are vetted by us, we’ll continually find more new jobs for you, and we make it easier for you to apply and get hired.
What Fellow Engineers Say