Security & Compliance Engineer I, AWS Security Assurance Services, LLC
Amazon Web Services (AWS) · Nashville, TN · 1 wk ago
Quality AssuranceFull-time
About the role
AWS Security Assurance Services (SAS) is hiring an Associate Security & Compliance Engineer to help build and operate AWS security and compliance solutions for highly regulated customers. You will execute your team’s security processes, contribute to runbooks and tooling, write and review code and Infrastructure-as-Code, and help ship secure-by-design implementations aligned to compliance frameworks (SOC2, HIPAA, PCI-DSS, CIS, NIST, FedRAMP).
Responsibilities
- Implement custom security controls, enforcements, detections, and automated remediations
- Contribute to Infrastructure-as-Code modules for Landing Zones, AWS Control Tower customizations, and security baselines using Terraform, AWS CDK, or CloudFormation.
- Write Python and policy-as-code (cfn-guard, OPA Rego, Cedar) to extend preventive and detective controls.
- Participate in code, IaC, and design reviews; provide constructive feedback
- Contribute to POCs on emerging technologies; implement components, run experiments, and document findings so the team can build on the results.
- Implement continuous compliance monitoring checks, evidence collection automations, and reporting dashboards.
- Help identify, confirm and document risks and mitigations during design and implementation stages of customer engagements.
- Apply common risk trade-offs (e.g., tactical compensating controls vs. addressing root causes) under guidance.
- Contribute to runbooks, tools, and other security mechanisms used by the team and customers.
- Participate in operational support; help ensure root causes of operational and security issues are identified and resolved.
- Follow established procedures to diagnose problems, and escalate appropriately when blocked.
- Communicate security risk for low-complexity problems clearly in writing and verbally to your team and direct leadership.
- Solicit differing views and learn from peer feedback.
- Travel to customer sites as needed.
Qualifications
- 2+ years of web protocols, common security attacks, and remediation (non-internship) experience
- Bachelor's degree in Engineering, Computer Science, or a related field
- Knowledge of system security vulnerabilities and remediation techniques, including penetration testing and the development of exploits or equivalent
- Experience with web protocols, common security attacks, and remediation (non-internship)
- Experience solving basic problems by writing code or scripts with some assistance
- Experience in web security, or experience demonstrating software engineering skills in a previous intership, work experience, coding competitions, or publications and experience in networking administration and troubleshooting
- 1+ years of cloud architecture and solution implementation experience, or US government security clearance of top secret or above
- Experience working effectively on milestone-driven projects
- Experience in identifying incomplete or inaccurate data, identifying the root cause and creating/implementing an escalation plan, or experience communicating results to senior leadership
- Knowledge of one or more of the following domains: access-control system and methodology, network security, application- and system-development security, security architecture and models, cryptography, and operations security
- Experience communicating clearly and concisely with leadership, stakeholders, and cross-functional teams
- Experience demonstrating software engineering skills in a previous internship, work experience, coding competitions, or publications, or experience that includes strong analytical skills, attention to detail, and effective communication abilities