Security Engineer Ii, Aws Cloud Security Response

Amazon Amazon · Big Tech · Herndon, VA · Systems, Quality, & Security Engineering

Security Engineer II for AWS Cloud Security Response. This role involves investigating and resolving security issues across AWS services, building automation for incident response, and driving proactive solutions. The role requires hands-on code engagement for remediations and working with AI-augmented workflows.

What you'd actually do

  1. Independently investigate and resolve security issues across 200+ AWS products, working hands-on with service code, security data, and cloud infrastructure at massive scale.
  2. Apply security judgment to drive outcomes, close security gaps through code, and build automation that scales how we respond to security issues.
  3. Think strategically, identifying patterns that point to systemic risks and driving proactive solutions before issues recur.
  4. Work effectively in AI-augmented workflows, using generative AI tools to accelerate security work.
  5. Mentor and coach junior engineers on security practices and professional growth.

Skills

Required

  • Security judgment
  • Hands-on investigation
  • Network security
  • Operating system security
  • Cryptography
  • Software security
  • Incident response
  • Communication skills
  • Coding for security gaps
  • Automation building
  • Cloud architecture understanding
  • IAM and access control
  • Proactive security analysis
  • Mentoring junior engineers

Nice to have

  • Experience with AI-augmented workflows
  • Experience with generative AI tools

What the JD emphasized

  • security judgment
  • hands-on investigative approach
  • technically proficient
  • communicate complex security issues clearly
  • Close security gaps through code
  • Build automation
  • Think proactively
  • Engage with cloud services at the architectural level
  • Identify recurring security patterns
  • Build automation to scale incident response procedures
  • Own and drive security issues from identification through resolution
  • Independently reproduce and validate reported security issues
  • Investigate and analyze security data
  • Develop and validate remediations through hands-on code engagement
  • Communicate the state of security issues