Principal Security Engineer
Description For Principal Security Engineer
Amazon Web Services (AWS) is seeking a Principal Security Engineer for their Cross Domain Services (CDS) team. This role involves implementing innovative cloud computing solutions, solving complex technical problems, and helping to build and operate the world's largest cloud computing infrastructure. The ideal candidate will be responsible for raising the cyber security bar for CDS, owning secure design, leading threat modeling activities, defining integrated cloud security architectures, and supporting global engineering teams.
Key responsibilities include:
- Being Amazon's voice in technical security engagements
- Directing changes that alter threat models and driving architectural mitigations
- Reviewing designs, challenging patterns and principles, and setting security precedents
- Balancing achievability and affordability in designs
- Establishing security requirements for cloud-based solutions
The role requires collaboration with customers, suppliers, engineering teams, program management, and senior stakeholders. The Principal Security Engineer will play a pivotal role in ensuring Amazon continually exceeds high security standards expected by customers.
This position is open to candidates from Sydney or Melbourne and requires the ability to obtain an Australian Government Security Vetting Agency clearance. The ideal candidate will have 10+ years of experience in Security Engineering, expert knowledge of cross-domain solutions, and proficiency in modern programming languages.
Join AWS to be part of a team that's redefining cloud computing and setting new standards in security architecture.
Responsibilities For Principal Security Engineer
- Raise the cyber security bar for AWS Cross Domain Services
- Own the secure design of AWS Cross Domain Services
- Lead threat modeling activities
- Define integrated cloud security architectures
- Support global engineering teams in realizing security patterns and vision
- Be Amazon's voice in technical security engagements
- Direct changes that alter threat models and evaluate security posture
- Review designs, challenge patterns and principles, set precedent and direction
- Maintain balance between achievability and affordability in designs
- Establish security requirements for cloud-based solutions
- Collaborate with customers and suppliers to model security requirements
- Ensure strategic architecture is met across design, implementation, deployment, and operation
- Engage with stakeholders on planning and communication of project deliverables
- Support operational integrity and troubleshoot issues when needed
Requirements For Principal Security Engineer
- 10+ years industry experience in Security Engineering
- Experience leading design, implementation, and delivery of security for cloud native, distributed computing
- Expert knowledge of content filtering techniques, tokenization, and cryptographic techniques
- Expert knowledge of physical and logical secure network design, UDP/TCP protocols, and cloud topologies
- Proficiency in at least one modern programming language (e.g., Rust, Kotlin, GoLang, Java, C++, Python, C#, TypeScript)
- Bachelor or Master degree in Computer Science or related field (preferred)
- Deep hands-on technical expertise in technical analysis and cyber security
- Expert knowledge of Cross Domain Solution architectures
- Experience in applying CISSP CBK domain controls to distributed systems
- Experience in managing information security events and incidents for large networks
- Ability to lead external security testing of solutions on public cloud, cloud native platforms, and SaaS solutions
- Ability to obtain Australian Government Security Vetting Agency clearance
