"Alerted.org

Description

In Amazon Stores, we develop and operate some of the most diverse and high-scale technologies in the world—from Amazon.com’s global retail platform to advanced machine learning systems and next-generation retail experiences. With the scale and innovation we drive comes the responsibility to build secure systems from the ground up.

We are seeking a Security Engineer to join the AppSec organization and support Project LOAF (Lifecycle of a Finding)—a critical initiative to prevent security findings from ever reaching production. In this role, you will engineer innovative solutions using AI to assess security findings, identify systemic issues across business units, and build scalable tools to analyze and eradicate root causes. Your work will directly impact the security posture of Amazon's most strategic lines of business.

You will collaborate closely with software engineering teams, product managers, and security leadership to ensure issues are detected early and eliminated at scale. One day you might be building a tool to classify findings with AI; the next, working with a BU to trace the cause of recurring vulnerabilities and propose long-term fixes.

The ideal candidate blends strong technical execution with security intuition, and thrives in environments where they can influence, automate, and scale security impact. You should be comfortable translating complex findings into actionable insights and driving adoption of security best practices across a large and distributed engineering organization.

At Amazon, we invest in our people and empower our teams to focus on high-leverage work over reactive tasks. Join us to work on some of the most innovative and impactful security challenges in the industry—and help keep our customers safe by preventing security issues before they happen.

Key job responsibilities

Engineer AI-driven solutions to assess and classify security findings across business units

Identify root causes of recurring vulnerabilities and develop systemic remediation strategies

Design and build internal tools to analyze patterns in security findings and prevent recurrence

Collaborate with application teams to implement preventative security controls earlier in the development lifecycle

Develop automated workflows to integrate security insights into developer pipelines

Perform targeted code reviews and static/dynamic analysis to validate findings and guide mitigations

Contribute to the creation of security dashboards and metrics for visibility into finding trends and remediation velocity

Partner with security leadership and engineering stakeholders to define and prioritize high-impact prevention efforts

Investigate and eradicate classes of vulnerabilities through scalable solutions

Guide teams through remediations by providing technical mentorship and secure design best practices

Maintain deep awareness of emerging threats, and proactively adapt tooling and processes to address them

About the team

About Amazon Security

Diverse Experiences

Amazon Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.

Why Amazon Security?

At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon’s products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.

Inclusive Team Culture

In Amazon Security, it’s in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.

Training & Career Growth

We’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.

Work/Life Balance

We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why we strive for flexibility as part of our working culture. When we feel supported in the workplace and at home, there’s nothing we can’t achieve.

Basic Qualifications

- 3+ year's experience in Application Security

- Advanced knowledge and understanding of security engineering, system and network security, authentication an security protocols, cryptography, or application security.

- Experience reading and writing in at least one programming language

- BS degree in Computer Science, Computer Engineering, Electrical Engineering, similar technology degrees or 5+ years' equivalent technology experience

Preferred Qualifications

- 2+ Experience in the Application Security domain

- Development experience in Python and/or Java.

- Secure software development lifecycle experience.

Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status, disability, or other legally protected status.

Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit https://amazon.jobs/content/en/how-we-hire/accommodations for more information. If the country/region you’re applying in isn’t listed, please contact your Recruiting Partner.