Amazon Principal Security Engineer 

Australia, Victoria, Melbourne 

595634638

Top reasons to join our team:
• Be a catalyst to deliver a truly disruptive products that are growing rapidly
• Influence and design distributed systems design at massive scale
• Lead technical road maps and innovation plans, both internally and with external customers and suppliers, with a focus on security architecture
• Mentor and coach engineering teams to provide direction, oversight and a clear path to secure architecture design and implementationThe role will be pivotal to the technical success of the program. You will operate at the confluence between the customer and the AWS, identifying, applying and evaluating secure design patterns across our cloud architecture.
Key job responsibilities
• You will be Amazon’s voice in technical security engagements, ensuring we continually obsess on customer needs, and building trust through clear and accurate architectural reviews and assessments
• You will direct and lead on changes that alter our threat models, evaluating our security posture and driving appropriate architectural mitigations across our services
• You will take the lead in reviewing designs, challenging patterns and principles, setting precedent and direction, and indexing on security whilst adhering to cloud best practices
• You will maintain the balance between achievability and affordability in our designs, ensuring the right stakeholders are informed and engaged every step of the way
• You will establish security requirements for cloud-based solutions by evaluating business strategies and requirements; implementing security standards such NCSC Security Principles, NIST CSF, FIPS, or CSA as appropriateA day in the life
The Principal Security Engineer will be a hands-on leader who is able to combine deep security learnings with cloud technology to drive the program architectural roadmap. You will collaborate with our customers and suppliers to model security requirements against Amazons cloud capabilities. You will work closely with engineering teams, program management and senior stakeholders to translate requirements into achievable designs that raise the bar for Amazon. Once delivered, you will play a pivotal role in ensuring that across our program Amazon continually exceeds the high security bar that is expected by our customers.Communication is an integral part of this role, and there is an expectation that you will engage with stakeholders on planning and communication of project deliverables. You may also be called upon to support operational integrity and, in the event of problems, be able to troubleshoot, research root cause, and contribute to thoroughly resolve defects whilst maintain ongoing communication with stakeholders and customers.Diverse Experiences
Amazon values diverse experiences. Even if you do not meet all of the preferred qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.Why AWSMentorship and Career Growth
We’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, mentorship and other career-advancing resources here to help you develop into a better-rounded professional.

• 10+ years industry or experience in Security Engineering leading the design and implementation and delivery of security for cloud native, distributed computing
• Experience leading the design, implementation and delivery of security for cloud native, distributed computing with a principle of “Secure by Design” and “Defence in Depth”
• Expert knowledge of content filtering techniques, tokenization within sensitive data flows and cryptographic techniques
• Expert knowledge of physical and logical secure network design, UDP/TCP protocols and cloud topologies
• Proficient in at least one modern programming language such as Rust, Kotlin, GoLang, Java, C++, Python, C#, TypeScript etc used in the development of software solutions across complex production environments

• Bachelor or Master degree in Computer Science or related field
• 10+ years professional experience in Security Engineering with an emphasis on cross domain solutions.
• Deep hands-on technical expertise in technical analysis and cyber security
• Expert knowledge of Cross Domain Solution architectures
• Experience in applying CISSP CBK domain controls to distributed systems (for example Security and Risk Management, Asset Security, Security Architecture and Engineering, Communication and Network Security, Identity and Access Management etc)
• Experience in managing information security events and incidents for large, sophisticated networks
• Ability to lead external security testing (ITHC, Penetration Testing, etc) of solutions on the public cloud (Azure, AWS, GCP), cloud native platforms (Docker, Kubernetes, etc.), and Software as a Service solutions