Amazon Security Engineer II Infrastructure Compliance 

United States, Kansas 

39570419

You’ll join a diverse team of software, hardware, and network engineers, supply chain specialists, security experts, operations managers, and other vital roles. You’ll collaborate with people across AWS to help us deliver the highest standards for safety and security while providing seemingly infinite capacity at the lowest possible cost for our customers. And you’ll experience an inclusive culture that welcomes bold ideas and empowers you to own them to completion.Key job responsibilities
You will aid in the development, assessment, and analysis of security outcomes for AWS Infrastructure (networking, supply chain security and/or data center compliance) in accordance with NIST, FedRAMP, ISO and AWS standards.As a member of the Infrastructure Security Compliance organization, you are expected to be the subject matter expert on regulatory, compliance, legal implications on security risks and opportunities.Identify and drive mitigation of security risks through formal, deep dive assessment activitiesLead in the identification and application of remediation and mitigation techniques, including the development of monitoring and reporting capabilities for continued compliance.You will assist technical teams in resolving security issues and concerns and providing contextualization as well to how compliance with various standards and frameworks is achieved.
Diverse Experiences
Amazon values diverse experiences. Even if you do not meet all of the preferred qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.Why AWS
Work/Life BalanceMentorship and Career Growth
We’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, mentorship and other career-advancing resources here to help you develop into a better-rounded professional.

- 4+ years of any combination of the following: threat modeling experience, secure coding, identity management and authentication, software development, cryptography, system administration and network security experience
- Bachelor's degree in computer science or equivalent
- Knowledge of system security vulnerabilities and remediation techniques, including penetration testing and the development of exploits or equivalent
- A strong understanding of core internet and networking technologies (routing protocols, network architecture, TCP/IP, etc.)
- Excellent communication and data presentation skills that allow you to clearly, compellingly, and effectively influence audiences internally and externally, across organizational boundaries

- CCSP (Certified Cloud Security Professional) or CEH (Certified Ethical Hacker) or CFR (CyberSec First Responder) or Cloud+ or CySA+ (CompTIA Cybersecurity Analyst) or GCED (GIAC Certified Enterprise Defender) or GICSP (Global Industrial Cyber Security Professional) or PenTest+
- Experience performing risk assessments of vulnerabilities and evaluating mitigating controls in large, complex networks
- Linux systems engineering skills and a solid grasp on operating system fundamentals
- Knowledge of at least one scripting language (Python, Perl, Ruby, etc.)