Come lead the technical strategy for how Amazon detects and stops the world's most sophisticated cyber threats!
We build and operate automated threat detection and mitigation systems that process over 1 PB of security telemetry daily across host, network, identity, and physical security domains. As a Principal Security Engineer, you will define the technical direction for this work, identifying the hardest unsolved problems, designing and prototyping new cross-domain threat detection ideas, and driving these new initiatives to completion across multiple teams and organizations.
You will operate with high autonomy in ambiguous spaces where the problems are not handed to you. You will work alongside software development engineers, data scientists, and security engineers, mentoring across job families, building consensus across teams on technical and security trade-offs, and raising the technical bar for the org. Your work will directly protect every AWS customer worldwide and help preserve our customers’ trust in us. The adversaries are real, the scale is unmatched, and our hardest problems are still unsolved.
Key job responsibilities
- Serve as an org-wide technical lead, setting technical direction, shaping long-term strategy, and increasing each team's productivity and effectiveness
- Identify and prioritize the highest-impact security detection problems across the org, driving clarity in ambiguous spaces
- Design and prototype new detection approaches, then drive them to production through engineering teams
- Stay connected to all critical projects across the org, auditing technical decisions and providing guidance on work led by others
- Mentor engineers across multiple job families and help managers guide the career growth of their team members
- Sponsor cross-org technical initiatives with partner teams across Amazon Security and AWS, driving decisions forward and unblocking teams to ensure delivery
- Build consensus across teams on important security and technical trade-offs, driving closure and alignment toward coherent outcomes
- Identify, evaluate, and advocate for new technologies to improve threat detection and mitigation capabilities
- Clearly communicate security risks and technical trade-offs to business leaders and non-technical stakeholders
About the team
You will help define the technical strategy for how Amazon detects and stops advanced threats, with the autonomy to identify the problems worth solving and an engineering org behind you to help build the solutions. You will identify threats and security risks that are not readily apparent to traditional detection approaches, proactively taking action before those risks materialize. You will write new threat detectors and automated mitigations to catch actual threat actors. You will work across Amazon and have direct influence on how AWS protects its infrastructure and customers. In addition to identifying new problems, you will frame the solutions, demonstrate their feasibility, and drive buy-in with leadership to get them funded, staffed, and delivered. The problems are real, the adversaries are sophisticated, and the impact you can make is global and immediate.
- Experience performing security investigations, detection engineering, threat hunting, and/or incident response
- Experience with detection engineering and/or anomaly detection within security
- Understanding of Tactics, Techniques, and Procedures (TTPs) used by threat actors or groups
- Knowledge of security telemetry across 2+ domains (e.g., hosts, networks, cloud, physical security)
- Ability to develop code with at least one modern language, such as Python
- Proven ability to provide technical and strategic leadership across multiple teams and/or within a large organization
- Experience communicating technical concepts to a non-technical audience
- Citizen within the EU
- Experience using common cloud services (IAM, Lambda, EC2, VPC, S3) for security response and/or automation
- Experience processing and analyzing security telemetry at scale
- Experience using machine learning and/or statistical methods for anomaly detection in security
- Experience with GenAI/LLMs applied to security workflows
- Experience working with software developers, data scientists, and/or product management teams
Amazon is an equal opportunities employer. We believe passionately that employing a diverse workforce is central to our success. We make recruiting decisions based on your experience and skills. We value your passion to discover, invent, simplify and build. Protecting your privacy and the security of your data is a longstanding top priority for Amazon. Please consult our Privacy Notice (https://www.amazon.jobs/en/privacy_page) to know more about how we collect, use and transfer the personal data of our candidates.
Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status, disability, or other legally protected status.
Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit https://amazon.jobs/content/en/how-we-hire/accommodations for more information. If the country/region you’re applying in isn’t listed, please contact your Recruiting Partner.