Security Engineer II, Infrastructure Security Compliance

AWS Infrastructure Services owns the design, planning, delivery, and operation of all AWS global infrastructure. In other words, we're the people who keep the cloud running. We support all AWS data centers and all of the servers, storage, networking, power, and cooling equipment that ensure our customers have continual access to the innovation they rely on. We work on the most challenging problems and we're looking for talented people who want to help.

You'll join a diverse team of software, hardware, and network engineers, supply chain specialists, security experts, operations managers, and other vital roles. You'll collaborate with people across AWS to help us deliver the highest standards for safety and security while providing seemingly infinite capacity at the lowest possible cost for our customers. And you'll experience an inclusive culture that welcomes bold ideas and empowers you to own them to completion.

The Infrastructure Security Team is responsible for the security and risk management of the AWS Infrastructure. We build systems that detect, assess, and mitigate risk across the global infrastructure and are accountable for keeping the Amazon Infrastructure secure and compliant with customer requirements. The Infrastructure Compliance Team is looking for a Security Engineer to join our dynamic, outcome-driven team. The successful candidate is an owner who can deliver through high performing, diverse teams and who understands all parts of security, software development, deployment, and operations. You must possess strong technical networking, supply chain security and/or data center compliance background, strong verbal and written communication skills, be self-driven, demonstrate high impact and influence across teams, and deliver high quality results in a fast-paced environment. We're looking for leaders who can lead through challenges and seek to shed light on ambiguity. If that is you, Amazon is the place to be as we solve hard problems, make history, and have fun.

Key job responsibilities

Security Outcomes & Risk Management:

• Develop, implement, and analyze security outcomes for AWS Infrastructure (networking, supply chain security, data center compliance) aligned with various compliance frameworks (e.g. NIST, FedRAMP, ISO 27001, and AWS standards)

• Identify and drive mitigation of security risks, including the development of monitoring and reporting capabilities for continued compliance

• Assess the impact to the business for difficult and ambiguous security risks with pragmatic, scalable solutions

Automation & Tool Development:

• Design, develop, and deploy automation tools and scripts to streamline compliance validation, audit evidence collection, and security control monitoring at scale

• Build pragmatic automation solutions using Python, Bash, or other scripting languages to improve team efficiency and reduce manual toil

• Develop tooling to implement automated remediation mechanisms for security and compliance gaps

• Build dashboards and reporting tools to provide real-time visibility into security posture across AWS infrastructure

Compliance & Audit Leadership:

• Serve as subject matter expert on regulatory and compliance implications for third-party audits, customer audits, and regulatory examinations

• Lead compliance discussions with internal stakeholders, customers, and external auditors

• Produce and catalog authoritative compliance content applicable to multiple stakeholders, improving customer response times and trust

• Validate security compliance requirements on behalf of AIS builders, protecting their time and keeping them building

About the team

ABOUT AWS:

Diverse Experiences

Amazon values diverse experiences. Even if you do not meet all of the preferred qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn't followed a traditional path, or includes alternative experiences, don't let it stop you from applying.

Why AWS

Amazon Web Services (AWS) is the world's most comprehensive and broadly adopted cloud platform. We pioneered cloud computing and never stopped innovating - that's why customers from the most successful startups to Global 500 companies trust our robust suite of products and services to power their businesses.

Work/Life Balance

We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why we strive for flexibility as part of our working culture. When we feel supported in the workplace and at home, there's nothing we can't achieve in the cloud.

Inclusive Team Culture

Here at AWS, it's in our nature to learn and be curious. Our employee-led affinity groups foster a culture of inclusion that empower us to be proud of our differences. Ongoing events and learning experiences, including our Conversations on Race and Ethnicity (CORE) and AmazeCon (gender diversity) conferences, inspire us to never stop embracing our uniqueness.

Mentorship and Career Growth

We're continuously raising our performance bar as we strive to become Earth's Best Employer. That's why you'll find endless knowledge-sharing, mentorship and other career-advancing resources here to help you develop into a better-rounded professional.

BASIC QUALIFICATIONS

- 4+ years of any combination of the following: threat modeling experience, secure coding, identity management and authentication, software development, cryptography, system administration and network security experience

- Bachelor's degree in computer science or equivalent

- Knowledge of system security vulnerabilities and remediation techniques, including penetration testing and the development of exploits or equivalent

- Strong understanding of internet and networking technologies including TCP/IP, routing protocols, network architecture and security

- Experience with security frameworks and compliance standards (NIST, ISO 27001, SOC 2, FedRAMP, or similar)

- Excellent written and verbal communication skills with ability to articulate complex security concepts to technical and non-technical audiences

PREFERRED QUALIFICATIONS

- CCSP (Certified Cloud Security Professional) or CEH (Certified Ethical Hacker) or CFR (CyberSec First Responder) or Cloud+ or CySA+ (CompTIA Cybersecurity Analyst) or GCED (GIAC Certified Enterprise Defender) or GICSP (Global Industrial Cyber Security Professional) or PenTest+

- Experience in identifying security issues and risks, and developing mitigation plans

- Knowledge of systems engineering fundamentals (networking, storage, operating systems)

- Knowledge of one or more scripting languages (e.g., Python, Ruby, Perl)

Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status, disability, or other legally protected status.

Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit for more information. If the country/region you're applying in isn't listed, please contact your Recruiting Partner.

The base salary range for this position is listed below. Your Amazon package will include sign-on payments and restricted stock units (RSUs). Final compensation will be determined based on factors including experience, qualifications, and location. Amazon also offers comprehensive benefits including health insurance (medical, dental, vision, prescription, Basic Life & AD&D insurance and option for Supplemental life plans, EAP, Mental Health Support, Medical Advice Line, Flexible Spending Accounts, Adoption and Surrogacy Reimbursement coverage), 401(k) matching, paid time off, and parental leave. Learn more about our benefits at

USA, MN, Minneapolis - 159,300.00 - 202,400.00 USD annually