SecurityEngineerII,StoreSecApplicationSecurity

Amazon Healthcare Security's (HealthSec) AI team is hiring a Security Engineer II to secure GenAI applications and enable secure AI adoption across Amazon Health Services (AHS). You will work at the intersection of AI for Security and Security for AI—securing AHS GenAI applications in production, hardening the AI-SDLC for AHS builders, and building AI-powered security tooling that scales protection across healthcare verticals including application security, network and infrastructure security, detections and monitoring, and incident response. Working closely with AHS AI application builders and product teams, you will ensure that AI systems handling healthcare data meet HIPAA compliance and Amazon's security bar while improving security review process efficiency for both builders and peer healthcare security teams. Key job responsibilities Define and drive implementation of proactive security controls for AHS AI applications including GenAI chatbots, agentic systems, and LLM-powered tools Develop and implement security controls for the AI-SDLC, ensuring AHS builders build secure AI applications by default Assess and drive mitigation of AI-specific security risks including prompt injection, model abuse, data exfiltration, and unauthorized tool invocation at scale Build and/or drive adoption of AI-powered security tooling (e.g., automated threat modeling, code scanning, security test generation) to scale security across AHS Drive adoption of AI security guardrails, testing frameworks, and monitoring across AHS GenAI applications Collaborate with AHS builder teams to integrate security guidance into AI development workflows, reducing late-stage security findings Develop and maintain security documentation including AI threat models, risk assessments, and secure AI development guidelines Support security incident investigations related to AI systems, including prompt injection attacks and model misuse About the team The HealthSec AI team secures Amazon's healthcare AI a