Sr. Security Engineer, Amazon Stores Security Appsec

Amazon Amazon · Big Tech · London, United Kingdom · Systems, Quality, & Security Engineering

Senior Security Engineer role focused on application security within Amazon Stores. Responsibilities include threat modeling, secure code review, developing security automation tools, adversarial analysis, security training, and architectural guidance. The role emphasizes influencing teams and partners to improve security outcomes, with a focus on AI adoption in security processes and tooling.

What you'd actually do

  1. Creating, updating, and maintaining threat models for a wide variety of software projects.
  2. Manual and Automated Secure Code Review, primarily in Java, Python and Javascript.
  3. Development of security automation tools.
  4. Adversarial security analysis using novel tools to augment manual effort.
  5. Security training and outreach for internal development teams.

Skills

Required

  • Experience (non-internship) in scripting, programming, and security code reviewing in a common programming language
  • Experience (non-internship) in troubleshooting systems issues, analyzing logs, or automating complex tasks using command line tools
  • Experience working in identifying security issues and risks, and developing mitigation plans
  • Experience (non-internship) in industry-based security vulnerabilities identification, attack patterns, and remediation techniques
  • Experience as a mentor, tech lead or leading an engineering team

Nice to have

  • Experience applying threat modeling or other risk identification techniques or equivalent
  • Experience with security in service-oriented architectures/microservices and web services

What the JD emphasized

  • scaling security reviews with AI/LLM