Jobs · Engineering · Washington

Sr. Security & Compliance Engineer, AWS Security Assurance Services, LLC

Amazon Web Services (AWS) · Seattle, WA · 6 days ago
EngineeringFull-time

About the role

AWS Security Assurance Services (SAS) is hiring a Senior Security & Compliance Engineer to lead the design, deployment, and implementation of complex AWS security and compliance solutions that accomplish customer-defined business and security outcomes, solving for new levels of scale, complexity, and performance.

Responsibilities

  • Own design and architecture choices for security and compliance automation solutions for regulated customers and influence partner-org design and deliverables.
  • Engineer and lead AI-enabled automations, threat modeling, design reviews.
  • Build secure-by-design IaC modules for Landing Zones, Control Tower customizations, Zero-Trust architectures, and AI/ML workloads.
  • Lead the design, deployment, and implementation of AWS security controls, continuous compliance monitoring, evidence collection, and remediation of insecure configurations to scale with automation.
  • Architect custom preventive, detective, and proactive controls, SCPs, RCPs, policy-as-code (cfn-guard, OPA Rego, Cedar).
  • Set high bar for authentication and authorization, data protection, least privilege, encryption, micro-segmentation, tagging strategy, integrations via API and MCP, and secure AI agentic design.
  • Write and review scripts, and IaC (Python, Terraform, AWS CDK, CloudFormation, Rego).
  • Lead exploratory POCs on emerging technologies. Define the hypothesis, success criteria, and go/no-go gates.
  • Lead alignment, resolve escalations, troubleshooting, and root-cause analysis to closure
  • Lead the development of technical content
  • Communicate security risk and design decisions clearly verbally and in writing to technical, non-technical, and C-level audiences.
  • Identify and shape sales opportunities. Influence service-team roadmaps and SAS offering strategy.
  • Travel to customer sites as needed.

Qualifications

  • 5+ years of work in identifying security issues and risks, and developing mitigation plans experience
  • 4+ years of (non-internship) scripting, programming, and security code review in common programming languages experience
  • Knowledge of at least two of the following programming languages: Scala, Java, Python, C/C++, or Go

Preferred Qualifications

  • Experience with security in service-oriented architectures/microservices and web services
  • 8+ years as a technical specialist, including 5+ years in secure coding, software development, cloud security engineering or related work;
  • Strong programming and scripting skills in Python, TypeScript, Node.js, Go, Java, or .NET.
  • Advanced Infrastructure-as-Code proficiency in Terraform, AWS CDK, and/or CloudFormation.
  • Expert-level configuration and architectural experience with AWS security and governance services: Config, GuardDuty, Security Hub, Control Tower, Systems Manager, KMS, IAM, VPC, Lambda, CloudTrail, CloudWatch, EventBridge.
  • Track record of deploying SCPs and RCPs in multi-account AWS Organizations at enterprise scale.
  • Experience writing and deploying reusable policy-as-code patterns (cfn-guard, OPA Rego, Cedar, or equivalent).
  • Industry and AWS certifications: CISSP, AWS Solutions Architect Professional, AWS Security Specialty strongly preferred; additional certifications a plus.

Pay

The base salary range for this position is listed below. Your Amazon package will include sign-on payments and restricted stock units (RSUs). Final compensation will be determined based on factors including experience, qualifications, and location.

USA, TX, Dallas - 178,400.00 - 226,700.00 USD annually

USA, VA, Arlington - 178,400.00 - 226,700.00 USD annually

USA, WA, Seattle - 178,400.00 - 226,700.00 USD annually

Similar jobs