Security Engineer II, AWS Security

Amazon

Amazon is a global technology company known for e-commerce, cloud computing, and artificial intelligence.

Columbia, MD, USA

$136,000 - $212,800

Security

Senior Software Engineer

In-Person

5,000+ Employees

5+ years of experience

Cybersecurity · Enterprise SaaS

This job posting may no longer be active. You may be interested in these related jobs instead:

Security Operations Engineer, AWS Security Cloud Response

Amazon

Senior Security Operations Engineer role at AWS Security focusing on incident response, security tool development, and team leadership.

Sr. Security Engineer, AppSec - Amazon Stores Security

Amazon

Senior Security Engineer role at Amazon focusing on application security, threat modeling, and secure code review for Amazon Stores' diverse technology portfolio.

Security Engineer, Kuiper Security

Amazon

Senior Security Engineer role at Amazon's Project Kuiper, focusing on securing satellite-based broadband communications systems and protecting customer data.

Sr. Security Systems Engineer, DC Security Solutions Engineering

Amazon

Senior Security Systems Engineer role at AWS, focusing on designing and implementing comprehensive security solutions for data centers, requiring 8+ years of experience in security systems.

Senior Security Engineer, Stores AppSec

Amazon

Senior Security Engineer role at Amazon Stores focusing on application security, threat modeling, and secure development practices.

Description For Security Engineer II, AWS Security

AWS Security is seeking a Red Team Security Engineer to ensure the security of their systems and processes against the latest threats. As a Security Engineer II, you'll be part of a team responsible for conducting offensive campaigns, emergent threat testing, and creating/maintaining automated threat emulation solutions. You'll also help security and service teams incorporate offensive insights into their development, deployment, monitoring, and response processes.

Key responsibilities include:

Vulnerability identification and tracking
Offensive security testing and vulnerability research
Emergent threat testing
Creating and maintaining automated threat emulation solutions
Recommending findings and threat mitigations
Producing high-quality red team reports
Security tool development and metrics delivery
Providing security training and outreach to internal development teams

This role requires strong skills in multiple domains, leadership within the AWS IT Security team, and the ability to deliver results in uncertain situations. You'll be expected to share knowledge, lead security reviews of large Amazon projects, and set standards for the team. The position demands excellent judgment in making technical trade-offs and navigating difficult situations with composure.

Amazon offers a supportive and inclusive team culture, with a focus on work-life balance and career growth. The team values mentorship and knowledge sharing, providing opportunities for professional development and taking on more complex tasks.

This position requires US Citizenship and an active TS/SCI security clearance with polygraph.

Basic Qualifications:

Bachelor's degree, or relevant certifications (CCSP, CEH, CFR, Cloud+, CySA+, GCED, or GICSP)
Current, active US Government Security Clearance of TS/SCI with Polygraph

Preferred Qualifications:

Offensive Security Certified Professional (OSCP) equivalent or higher
GIAC Exploit Researcher and Advanced Penetration Tester (GXPN) equivalent or higher

Amazon is an equal opportunity employer committed to diversity and inclusion. They offer competitive compensation, including equity and sign-on payments, as well as a full range of benefits.

Last updated 5 months ago

Responsibilities For Security Engineer II, AWS Security

Conduct offensive campaigns and emergent threat testing
Create and maintain automated threat emulation solutions
Produce high-quality red team reports
Provide security training and outreach to internal development teams
Lead security reviews of large Amazon projects
Set standards and define best practices for the AWS IT Security team
Provide thought leadership and innovation in security practices
Mentor and train other engineers throughout AWS

Requirements For Security Engineer II, AWS Security

Linux

US Citizenship
Active TS/SCI security clearance with polygraph
Bachelor's degree or relevant certifications (CCSP, CEH, CFR, Cloud+, CySA+, GCED, or GICSP)
Strong skills in multiple security domains
Excellent judgment in making technical trade-offs
Ability to navigate difficult situations with composure and tact
Broad understanding of AWS business and its interconnections

Benefits For Security Engineer II, AWS Security

Medical Insurance

Equity

Visa Sponsorship

Competitive salary
Equity
Sign-on payments
Medical benefits
Financial benefits
Work-life balance
Career growth opportunities
Mentorship programs

Amazon

Amazon is a global technology company known for e-commerce, cloud computing, and artificial intelligence.

Columbia, MD, USA

$136,000 - $212,800

Security

Senior Software Engineer

In-Person

5,000+ Employees

5+ years of experience

Cybersecurity · Enterprise SaaS

Amazon

Implement a Stack using a Queue

Data Structures & AlgorithmsMedium

Implement a Stack data structure using one or more Queues. Your stack should support the standard push, pop, top (peek), and empty operations. push(x):** Adds element x to the top of the stack. pop():** Removes the element on the top of the stack and returns it. top():** Returns the element on the top of the stack without removing it. empty():** Returns whether the stack is empty. For example, consider the following sequence of operations: push(1) push(2) top() // returns 2 pop() // returns 2 empty() // returns false Explain your approach clearly, focusing on how you would use queue operations (enqueue and dequeue) to achieve stack-like behavior. Discuss the time complexity of each operation in your implementation. Consider edge cases and potential optimizations.

Stacks

Database Problems

Amazon

Design a system to clean and transform inconsistent customer data from various sources into a consistent format for analysis, addressing data cleaning, transformation, scalability, and error handling. Provide code examples for data cleaning and transformation steps.

System DesignMedium

Let's explore a scenario involving data transformation. Imagine you're receiving a stream of customer data from various sources. This data includes customer IDs, names, email addresses, and purchase histories. However, the data is inconsistent: some sources use different formats for dates, some have missing fields, and others use abbreviations for states. Your task is to design a robust and efficient system to clean and transform this data into a consistent format suitable for analysis. Specifically: Data Cleaning: How would you handle missing values, inconsistent date formats (e.g., MM/DD/YYYY vs. YYYY-MM-DD), and variations in state abbreviations (e.g., CA vs. California)? Provide code examples (Python is preferred) demonstrating how you would address these issues. Data Transformation: How would you transform the data to ensure consistency? For example, you might need to convert all dates to a standard format, expand state abbreviations to their full names, and ensure all customer IDs are in a uniform format. Scalability: How would you design the system to handle a large volume of data (e.g., millions of records per day)? Consider the technologies and architectures you would use to ensure scalability and performance. Think about potential bottlenecks and how to address them. Error Handling: Describe how you would implement error handling and logging to identify and address data quality issues. What metrics would you track to monitor the quality of the transformed data? For instance, suppose you receive the following data snippets: Source 1: {customer_id: 123, name: Alice, email: alice@example.com, purchase_date: 01/01/2023, state: CA} Source 2: {CustomerID: 456, Name: Bob, Email: bob@example.com, PurchaseDate: 2023-01-01, State: California} How would your system handle these variations and transform them into a unified format like this: {customer_id: 123, name: Alice, email: alice@example.com, purchase_date: 2023-01-01, state: California}

Database Problems

Arrays

Strings

Amazon

Tell me about a time you exemplified one of Amazon's leadership principles.

Behavioral

Tell me about a time you exemplified one of Amazon's leadership principles. For example, consider the 'Customer Obsession' principle. Can you describe a situation where you went above and beyond to meet a customer's needs, even when it was challenging or required you to think outside the box? What specific actions did you take, and what was the outcome? Alternatively, let's explore the 'Bias for Action' principle. Share an instance where you had to make a quick decision with limited information. What was the situation, what factors did you consider, and how did you mitigate the risks associated with acting swiftly? Or perhaps you can elaborate on a time you demonstrated 'Ownership.' Describe a project or task where you took full responsibility for the outcome, even when things didn't go as planned. How did you handle the setbacks, and what did you learn from the experience? Another good principle to discuss could be 'Invent and Simplify.' Tell me about a time you created an innovative solution to a complex problem, while keeping it simple and easy to use. What was the problem, what was your solution, and how did you ensure its simplicity? Finally, tell me about a time where you had to 'Learn and Be Curious'.

Interested in this job?