Amazon Web Services (AWS)

Security Engineer II, US Amazon Dedicated Cloud Security

Amazon Web Services (AWS) · Herndon, VA

  • On site
  • Full-time
  • $180,000 / year
  • Herndon, VA

Job highlights

  • Conduct offensive security testing and threat emulation.
  • Identify vulnerabilities and recommend mitigations.
  • Provide security guidance and mentorship.
  • Lead security reviews and set best practices.
  • Requires active TS/SCI clearance with polygraph.

About the role

Security Engineer II Red Team, US Amazon Dedicated Cloud Security

AWS Security is seeking a Red Team Security Engineer to bolster the security of our systems and processes against evolving threats. In this role, you will be instrumental in conducting offensive campaigns, performing emergent threat testing, developing and maintaining automated threat emulation solutions, and providing offensive security insights to enhance development, deployment, monitoring, and response processes for security and service teams. Operating at the scale of AWS presents a unique challenge, demanding expertise in both system and organizational scale.

Role and Responsibilities

As a Security Engineer II at Amazon, you are expected to possess deep expertise across multiple security domains. This leadership position within the AWS IT Security team requires you to serve as a trusted advisor on technical and business challenges. You must demonstrate effective time management and the ability to achieve results amidst ambiguity. Proactively sharing knowledge across the Amazon community and becoming a key resource in core security areas are essential. You will lead security reviews for major Amazon projects, establishing standards and defining best practices for the AWS IT Security team.

Engineers in this role must exhibit excellent judgment in balancing short-term and long-term security and business goals. Resilience and composure in difficult situations are critical. Conflicts should be resolved through active listening, collaborative problem-solving, and persuasion. Successful engineers will critically evaluate their own performance. A comprehensive understanding of the AWS business and its interconnectedness is necessary. This role also involves providing training, advice, and mentorship to other engineers throughout AWS.

You will be expected to provide thought leadership, driving innovation and invention in your daily duties.

Security Clearance Requirement

This position requires US Citizenship and the candidate must hold and maintain an active TS/SCI security clearance with polygraph.

Key Job Responsibilities

  • Vulnerability Identification and Tracking
  • Offensive security testing & vulnerability research
  • Emergent threat testing
  • Creating/maintaining automated threat emulation solutions
  • Recommendation of findings and threat mitigations
  • Produce high quality red team reports
  • Projects and research work as needed
  • Security training and outreach to internal development teams
  • Security guidance documentation
  • Security tool development
  • Security metrics delivery and improvements
  • Assistance with recruiting activities

About The Team

Our team is committed to supporting new members and fosters an environment that celebrates knowledge sharing and mentorship. We have a diverse mix of experience levels and tenures, embracing our differences and promoting inclusion through employee-led affinity groups and inclusive events.

We value work-life balance, offering flexible schedules to ensure productivity and well-being both in and out of work.

Basic Qualifications

  • Bachelor's degree, or CCSP, CEH, CFR, Cloud+, CySA+, GCED, GICSP, or PenTest+
  • Current, active US Government Security Clearance of TS/SCI with Polygraph

Preferred Qualifications

  • Offensive Security Certified Professional (OSCP) equivalent, or higher
  • GIAC Exploit Researcher and Advanced Penetration Tester (GXPN) equivalent, or higher

Equal Opportunity Employer

Amazon is an equal opportunity employer. We do not discriminate on the basis of race, color, national origin, gender, gender identity or expression, sexual orientation, protected veteran status, disability, age, religion, or genetic information. For information on accommodations, please visit https://amazon.jobs/content/en/how-we-hire/accommodations.

Compensation and Benefits

The base salary range for this position is $159,300.00 - $202,400.00 USD annually. Your Amazon package will also include sign-on payments and restricted stock units (RSUs). Final compensation will be determined by factors including experience, qualifications, and location. Amazon offers comprehensive benefits, including health insurance, 401(k) matching, paid time off, and parental leave. Learn more at https://amazon.jobs/en/benefits.

Key skills/competency

  • Red Teaming
  • Offensive Security
  • Vulnerability Research
  • Threat Emulation
  • Security Engineering
  • Cloud Security
  • Penetration Testing
  • Risk Management
  • Security Audits
  • Incident Response

Skills & topics

  • Security Engineer
  • Red Team
  • Offensive Security
  • Cloud Security
  • Penetration Testing
  • Vulnerability Research
  • Threat Emulation
  • AWS
  • Amazon Web Services
  • Cybersecurity

How to get hired

  • Tailor your resume: Highlight offensive security, red teaming, and cloud security experience. Quantify achievements using metrics.
  • Craft a compelling application: Clearly articulate your passion for offensive security and your understanding of AWS.
  • Prepare for technical interviews: Be ready to discuss vulnerability research, threat emulation, and security tool development.
  • Showcase leadership and judgment: Demonstrate your ability to make complex technical trade-offs and navigate challenging situations.
  • Understand AWS culture: Familiarize yourself with Amazon's Leadership Principles and their application to security roles.

Technical preparation

  • Practice offensive security tools and techniques.
  • Study AWS security services and configurations.
  • Develop scripts for automation and emulation.
  • Research current adversarial TTPs.

Behavioral questions

  • How do you handle technical trade-offs?
  • Describe a difficult situation and resolution.
  • How do you share knowledge with others?
  • How do you critically analyze your performance?

Frequently asked questions

What are the specific security clearance requirements for the Security Engineer II Red Team role at AWS?
The Security Engineer II Red Team position at AWS requires US Citizenship and an active TS/SCI security clearance with a polygraph. This is a mandatory requirement for this role.

What is the difference between a Security Engineer II and other security roles at AWS?
A Security Engineer II at AWS is a leadership role expected to be strong in multiple security domains, offering technical and business advice, and setting best practices. They are key company resources and mentors, going beyond typical individual contributor responsibilities.

Can I apply for the Security Engineer II Red Team role if I don't have a Bachelor's degree but have relevant certifications?
Yes, AWS considers equivalent experience. If you possess certifications like CCSP, CEH, CFR, Cloud+, CySA+, GCED, GICSP, or PenTest+, you may meet the educational requirements in lieu of a Bachelor's degree.

What are the preferred certifications for the Security Engineer II Red Team position at AWS?
Preferred qualifications include an Offensive Security Certified Professional (OSCP) equivalent or higher, or a GIAC Exploit Researcher and Advanced Penetration Tester (GXPN) equivalent or higher. These demonstrate advanced offensive security skills.

What type of work-life balance can I expect as a Security Engineer II Red Team at AWS?
AWS emphasizes work-life balance, offering flexible schedules rather than focusing on hours worked. The goal is to support a productive and well-balanced life, both professionally and personally.

How does AWS foster an inclusive culture for its security teams?
AWS embraces diversity through employee-led affinity groups, inclusive events, and reinforcing its 16 Leadership Principles that encourage diverse perspectives, curiosity, and trust. The security teams, including the Red Team, are part of this inclusive environment.

What are the primary responsibilities of the Red Team Security Engineer at AWS?
The primary responsibilities include conducting offensive security testing, vulnerability research, emergent threat testing, developing automated threat emulation solutions, and providing security guidance and mentorship to internal teams.

Does this Security Engineer II role involve any direct customer interaction or client-facing responsibilities?
While the role focuses on internal security for AWS systems, the insights and guidance provided to internal development teams can indirectly impact customer-facing services. Direct client interaction is not the primary focus.