Security Engineer II, Red Team

AWS Security is actively seeking a Security Engineer II, Red Team, to strengthen our systems and processes against the latest threats. This role involves conducting offensive campaigns, performing emergent threat testing, creating and maintaining automated threat emulation solutions, and assisting security and service teams in integrating offensive insights into their development, deployment, monitoring, and response processes. Offensive security at AWS's scale presents a unique challenge due to both the volume of systems and the extensive staff and processes involved. A Security Engineer II at Amazon is expected to be proficient across multiple domains. This is a leadership position within the AWS IT Security team, where your technical and business advice will be highly valued. The role requires strong time management skills and the ability to achieve results despite uncertainty. A Security Engineer II is expected to proactively share knowledge within the Amazon community and serve as a key company resource in one or more core security areas. You will lead security reviews for major Amazon projects, establish standards, and define best practices for the AWS IT Security team. Engineers in this role must demonstrate exceptional judgment in balancing short-term and long-term security and business objectives. They should also show resilience and handle difficult situations with composure and tact, resolving conflicts by listening, identifying the best path forward, and persuading colleagues. Successful engineers in this position regularly analyze their own performance critically. A comprehensive understanding of the AWS business and its interconnections is necessary. This position also includes providing training, advice, and mentorship to other engineers across AWS, and you will be expected to offer thought leadership through invention and innovation in your duties. It is mandatory that the selected candidate be a US Citizen and currently hold an active TS/SCI security clearance with polygraph. Key job responsibilities include vulnerability identification and tracking, offensive security testing and vulnerability research, emergent threat testing, creating and maintaining automated threat emulation solutions, recommending findings and threat mitigations, producing high-quality red team reports, managing projects and research as needed, delivering security training and outreach to internal development teams, documenting security guidance, developing security tools, driving security metrics delivery and improvements, and assisting with recruiting activities. Our team is dedicated to supporting new members, cultivating an environment that values knowledge sharing and mentorship across a diverse mix of experience levels and Amazon tenures. At AWS, we embrace diversity and are committed to fostering an inclusive culture. We have ten employee-led affinity groups reaching 40,000 employees globally, innovative benefit offerings, and host annual learning experiences like our Conversations on Race and Ethnicity (CORE) and AmazeCon (gender diversity) conferences. Amazon’s 16 Leadership Principles reinforce our culture of inclusion, prompting team members to seek diverse perspectives, remain curious, and earn trust. Our team also prioritizes work-life balance, acknowledging its crucial role in your happiness and success. We offer flexible schedules, focusing on a productive and well-balanced life both professionally and personally, rather than strict hours. Basic qualifications for this role include a Bachelor's degree or certifications such as CCSP, CEH, CFR, Cloud+, CySA+, GCED, GICSP, or PenTest+, in addition to a current, active US Government Security Clearance of TS/SCI with Polygraph. Preferred qualifications include Offensive Security Certified Professional (OSCP) equivalent or higher, and GIAC Exploit Researcher and Advanced Penetration Tester (GXPN) equivalent or higher. Amazon is an equal opportunity employer and does not discriminate. The compensation for this position ranges from $136,000 to $212,800 annually, depending on market location, job-related knowledge, skills, and experience. Amazon offers a total compensation package including equity, sign-on payments, and comprehensive benefits. More information on benefits is available on the Amazon website. This position will remain posted until filled.