AWS Security Assurance Services LLC
Technology
Security&ComplianceEngineerII
Neural analysis suggests this role is
optimal for Mid candidates.
“Security & Compliance Engineer II at AWS Security Assurance Services LLC. Skills: Cloud security, Security compliance, Incident response. Develop and implement security controls. Ensure compliance with security standards”
What You'll Achieve.
Maintain security posture; Reduce security risks; Ensure regulatory compliance
Industry & Context.
Root cause analysis; Troubleshooting security issues
What They're Looking For.
Must Have
Bachelor's degree or equivalent experience, 5+ years of experience in security engineering, Experience with cloud security best practices, Experience with security compliance frameworks, Experience with threat modeling, Experience with incident response
Nice to Have
Master's degree in a related field, Experience with AWS security services, Experience with security automation tools, Experience with penetration testing, Experience with security architecture design
What You'll Do.
Develop and implement security controls
Ensure compliance with security standards
Conduct security risk assessments
Respond to security incidents
Automate security processes
Perform vulnerability assessments
Design secure cloud architectures
Collaborate with engineering teams
How You'll Work.
Team & Collaboration
Cross-functional teams; Engineering teams
Communication Scope
Technical documentation; Security reports
Full Job Description
AWS Security Assurance Services (SAS) is hiring a Security & Compliance Engineer to design, build, and deploy AWS security and compliance solutions for highly regulated customers. You will own engineering deliverables across the full lifecycle — secure design, implementation, testing, deployment, and maintenance — translating compliance frameworks (SOC2, HIPAA, PCI-DSS, CIS, NIST, FedRAMP) into secure-by-design AWS implementations. You will work autonomously within your team, deliver cross-functional projects with partner teams, and drive measurable risk reduction for customers at scale. You’ll write code, ship custom controls, run security investigations, lead design and code reviews on your team, and mentor junior engineers. You will identify systemic issues, propose pragmatic solutions, and improve the team’s mechanisms over time. Key job responsibilities - Lead threat modeling, security design reviews, and architecture reviews for customer engagements; identify and mitigate risks across systems and applications. - Design and implement custom preventive, detective, and proactive controls — Service Control Policies (SCPs), Resource Control Policies (RCPs), policy-as-code (cfn-guard, OPA Rego, Cedar), and automated remediation workflows. - Build secure-by-design Infrastructure-as-Code controls for Landing Zones, AWS Control Tower customizations, Zero-Trust architectures, and AI/ML workloads. - Apply AWS security best practices for authentication and authorization, data handling, least privilege, encryption, micro-segmentation, tagging strategy, and API/MCP integration. - Write and review IaC, scripts, enforcements and detections in Python, Terraform, AWS CDK, CloudFormation, and Rego. - Build continuous compliance monitoring, automated evidence collection, visualization, reporting, and remediation pipelines that hold up in audit. - Integrate custom controls with AWS-native and third-party security and compliance tooling. - Drive emerging-edge ideas into prototyping
Applying for this Security & Compliance Engineer II role?
Most applicants get filtered before a human reads their resume. See if yours makes the cut.
ANONYMOUS · UNFILTERED
What do employees actually say about AWS Security Assurance Services LLC?
Real rants from real employees. Read before you apply.