Amazon Web Services (AWS) is seeking an enthusiastic and innovative Security Engineer to join our AWS Security Vulnerability Management team. At AWS, security is our top priority. Our team is dedicated to developing cutting-edge security services that empower and automate security solutions on a massive scale. We are data-driven, set ambitious goals, and continuously strive to elevate the security standards at AWS. In this critical role, you will collaborate with a team of skilled security engineers to tackle complex security challenges that have a direct and positive impact on our customers. You will have the opportunity to engage with product teams, industry experts, security partners, and organizational leaders across the entire AWS ecosystem. Your contributions will include building and owning software solutions that address ambiguous technical issues. Key Responsibilities: Develop and implement solutions to identify software-based risks in AWS services. Conduct vulnerability and impact assessments while considering various factors. Query, analyze, and report on large datasets to pinpoint potential risks. Collaborate with software and security engineers to design effective solutions that address complex security challenges. Perform severity assessments of software vulnerabilities. Work with software development teams to contextualize findings and adjust risk scores accordingly. Automate processes to enhance operational efficiency. Collaborate with partner teams to propose and implement risk reduction strategies at scale. A Day in the Life: Your day will begin with assessments of critical vulnerabilities across container workloads and next-generation assets, such as IoT devices, firmware, and AI systems. You will work closely with product teams to improve scanning methodologies and remediation approaches. Additionally, you will perform in-depth analyses with system owners to streamline automation processes and minimize false positives. Mentoring junior engineers on security evaluations will also be part of your responsibilities, as well as developing KPIs to measure security effectiveness and builder impact. You will update runbooks and strategize on how to enhance security standards while reducing operational burdens for builder teams across diverse asset types. About the Team: We value diverse experiences within Amazon Security. We encourage all candidates to apply, even if they do not meet every qualification listed. Whether your career path has been conventional or unique, your background can add significant value to our team. Why Join Amazon Security? Security is essential to maintaining customer trust and satisfaction at Amazon. Our team is responsible for upholding high-security standards across all Amazon products. We offer talented security professionals the opportunity to advance their careers through experience in various areas, including cloud, devices, retail, entertainment, healthcare, operations, and physical stores. Inclusive Team Culture: At Amazon Security, we foster a culture of learning and curiosity. Our ongoing diversity, equity, and inclusion (DEI) events encourage personal growth and the celebration of our uniqueness. Tackling challenging security issues requires a broad range of ideas, perspectives, and voices. Training & Career Development: We continuously raise our performance expectations and seek to be the best employer in the world. Here, you will find numerous knowledge-sharing opportunities, training resources, and avenues for career advancement to help you grow into a well-rounded professional. Work/Life Balance: We prioritize work-life harmony. Achieving success at work should not come at the expense of your home life. Flexible work hours and arrangements are part of our culture here. When we are supported both at work and at home, there is nothing we cannot achieve. Basic Qualifications: 6+ years of experience in identifying security issues and developing mitigation strategies. 4+ years of experience in network, system, or software architecture, including security-focused tools and services. 4+ years of programming experience in languages such as Ruby, Python, Shell/BASH, Java, C/C++, or Perl. 2+ years of experience in areas such as cryptography, web and network protocols, or vulnerability assessments. Preferred Qualifications: Understanding of cloud computing services and deployment architectures. Experience with innovative security approaches in non-traditional IT environments. Ability to generate automated metrics to evaluate service effectiveness. Strong communication skills, capable of conveying complex technical information clearly. Experience in developing security products. This position will remain posted until filled. Applicants should apply through our career site.