Amazon Web Services
Technology
Security&ComplianceEngineer
Neural analysis suggests this role is
optimal for Mid+ candidates.
“Security & Compliance Engineer at Amazon Web Services. Skills: Security engineering, Compliance automation, AWS security, Policy-as-code. Design security solutions. Build security solutions”
What You'll Achieve.
Measurable risk reduction
Industry & Context.
Risk identification; Root cause analysis
Travel as needed
What They're Looking For.
Must Have
3+ years programming in Python, 3+ years scripting and programming, Knowledge of networking protocols, Experience applying threat modeling
Nice to Have
2+ years threat modeling experience, 2+ years secure coding experience, 2+ years identity management experience, 2+ years software development experience, 2+ years cryptography experience, 2+ years system administration experience, 2+ years network security experience, Knowledge of networking protocols, Experience performing security activities, Experience writing for technical audiences, Programming and scripting skills in Python, Hands-on Infrastructure-as-Code skills, Hands-on experience with AWS security services, Experience deploying SCPs and RCPs, Experience writing policy-as-code, Experience designing CI/CD pipelines, Experience with AWS Control Tower customizations, Working knowledge of compliance framework, Experience producing audit-ready evidence, Spec-driven AI agentic design experience, Model Context Protocol (MCP) experience, AWS Solutions Architect certification, AWS Security Specialty certification, CISSP certification
What You'll Do.
Design security solutions
Build security solutions
Deploy security solutions
Translate compliance frameworks
Implement secure-by-design
Own engineering deliverables
Perform secure design
Perform implementation
Deliver cross-functional projects
Run security investigations
Mentor junior engineers
Identify systemic issues
Propose pragmatic solutions
Improve team mechanisms
Lead security design reviews
Lead architecture reviews
Design preventive controls
Design detective controls
Design proactive controls
Implement Service Control Policies
Implement Resource Control Policies
Implement policy-as-code
Implement automated remediation workflows
Build Infrastructure-as-Code controls
Apply AWS security best practices
Build continuous compliance monitoring
Build automated evidence collection
Build visualization pipelines
Build reporting pipelines
Build remediation pipelines
Integrate custom controls
Drive emerging-edge ideas
Propose implementation paths
Propose compensating controls
Develop technical content
Identify cross-team patterns
Identify cross-team gaps
Identify cross-team improvements
Travel to customer sites
How You'll Work.
Team & Collaboration
Cross-functional projects; Partner teams; Customer sites
Communication Scope
Technical content development
Process & Methodology
Full lifecycle management
Full Job Description
AWS Security Assurance Services (SAS) is hiring a Security & Compliance Engineer to design, build, and deploy AWS security and compliance solutions for highly regulated customers. You will own engineering deliverables across the full lifecycle — secure design, implementation, testing, deployment, and maintenance — translating compliance frameworks (SOC2, HIPAA, PCI-DSS, CIS, NIST, FedRAMP) into secure-by-design AWS implementations. You will work autonomously within your team, deliver cross-functional projects with partner teams, and drive measurable risk reduction for customers at scale. You’ll write code, ship custom controls, run security investigations, lead design and code reviews on your team, and mentor junior engineers. You will identify systemic issues, propose pragmatic solutions, and improve the team’s mechanisms over time. Key job responsibilities - Lead threat modeling, security design reviews, and architecture reviews for customer engagements; identify and mitigate risks across systems and applications. - Design and implement custom preventive, detective, and proactive controls — Service Control Policies (SCPs), Resource Control Policies (RCPs), policy-as-code (cfn-guard, OPA Rego, Cedar), and automated remediation workflows. - Build secure-by-design Infrastructure-as-Code controls for Landing Zones, AWS Control Tower customizations, Zero-Trust architectures, and AI/ML workloads. - Apply AWS security best practices for authentication and authorization, data handling, least privilege, encryption, micro-segmentation, tagging strategy, and API/MCP integration. - Write and review IaC, scripts, enforcements and detections in Python, Terraform, AWS CDK, CloudFormation, and Rego. - Build continuous compliance monitoring, automated evidence collection, visualization, reporting, and remediation pipelines that hold up in audit. - Integrate custom controls with AWS-native and third-party security and compliance tooling. - Drive emerging-edge ideas into prototyping
Applying for this Security & Compliance Engineer role?
Most applicants get filtered before a human reads their resume. See if yours makes the cut.
ANONYMOUS · UNFILTERED
What do employees actually say about Amazon Web Services?
Real rants from real employees. Read before you apply.