We are seeking a Security Engineer to participate in architectural reviews and threat models, develop and support requirements for Amazons Identity and Access Management initiatives. You will support programs that improve access management infrastructure across a complex global environment, develop policies and procedures for the identity lifecycle, and provide identity and auth. N/auth. Z design review and threat modeling services across the enterprise. Data-driven decisions are important to Amazon. You will draw heavily on your experience collecting, analyzing, and summarizing data to create compelling written and verbal communications to peer teams and organizational leadership. If you are excited about the challenges and opportunities described here and you have the background, education, and experience to excel in these areas, wed love to talk with you further about our company, the team, and how you are uniquely qualified to join us! A day in the life. We primarily drive improvements to authentication and authorization for Stores, Digital and Other (SDO). We invest in deeply understanding the different ways Amazon does business to devise strategies that meaningfully improve security posture, while enabling business productivity. As a core component of modern technology, IAM provides security teams with a mechanism to holistically enforce central security policy and reduce the risk of fraud and lateral movement. The role advises the business on IAM security risks and best practices through a combination of consultation and project engagements. The role envisions, advocates for and implements Am. Sec IAM guidance for human, device and service identity workloads. About the team. Diverse Experiences. Amazon Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasnt followed a traditional path, or includes alternative experiences, dont let it stop you from applying. Why Amazon Security? At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazons products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores. Inclusive Team Culture. In Amazon Security, its in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices. Training & Career Growth. Were continuously raising our performance bar as we strive to become Earths Best Employer. Thats why youll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional. Work/ Life Balance. We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why flexible work hours and arrangements are part of our culture. When we feel supported in the workplace and at home, theres nothing we cant achieve. Basic Qualifications- 3 years of scripting, programming, and security code review in a common programming language (non-internship) experience- 2 years of troubleshooting systems issues, analyzing logs, or automating basic tasks using command line tools (non-internship) experience- Bachelor's degree in computer science or equivalent- Knowledge of networking protocols such as HTTP, DNS and TCP/ IP- Knowledge of industry-based security vulnerabilities and remediation techniques- Familiarity with relevant identity-oriented standards, such as NIST 800-63 and GDPR - Preferred Qualifications- 2 years of any combination of the following: threat modeling experience, secure coding, identity management and authentication, software development, cryptography, system administration and network security experience- 2 years of scripting, programming, or security code review in a common language, such as Python, Java or C experience- Knowledge of command line tools to troubleshoot protocols, analyze log outputs, or automate basic tasks- Experience with AWS products and services- Experience performing security activities across one or more phases of the software development lifecycle (SDLC), such as security design review, threat modeling, secure code review, and security testing- Experience leveraging Large Language Models (LL - Ms) to automate and scale security, with a strong understanding of associated security risks and mitigation strategies.