Security & Compliance Engineer I, AWS Security Assurance Services, LLC

AWS Security Assurance Services LLC•3h ago

United StatesOnsiteFull-timeEntry Level2+ yrs exp

H-1B verified · 2310 LCAs

Apply now

Top focus

Security EngineerCloud Security EngineerAws EngineerCompliance OfficerSecurity Architect

AWS Security Assurance Services (SAS) is hiring an Associate Security & Compliance Engineer to help build and operate AWS security and compliance solutions for highly regulated customers. You will execute your team’s security processes, contribute to runbooks and tooling, write and review code and Infrastructure-as-Code
help ship secure-by-design implementations aligned to compliance frameworks (SOC2, HIPAA, PCI-DSS, CIS, NIST, FedRAMP). You’ll work on well-defined security problems with regular checkpoints from your team, learn from peer review
grow your skills in secure design, threat modeling
AWS security engineering. You will be a reliable contributor on customer engagements and a strong security advocate within your team. Key job responsibilities
Implement custom security controls, enforcements, detections, and automated remediations
Contribute to Infrastructure-as-Code modules for Landing Zones, AWS Control Tower customizations, and security baselines using Terraform, AWS CDK, or CloudFormation.
Write Python and policy-as-code (cfn-guard, OPA Rego, Cedar) to extend preventive and detective controls.
Participate in code, IaC, and design reviews; provide constructive feedback
Contribute to POCs on emerging technologies; implement components, run experiments, and document findings so the team can build on the results.
Implement continuous compliance monitoring checks, evidence collection automations, and reporting dashboards.
Help identify, confirm and document risks and mitigations during design and implementation stages of customer engagements.
Apply common risk trade-offs (e.g., tactical compensating controls vs. addressing root causes) under guidance.
Contribute to runbooks, tools, and other security mechanisms used by the team and customers.
Participate in operational support; help ensure root causes of operational and security issues are identified and resolved.
Follow established procedures to diagnose problems, and escalate appropriately when blocked.
Communicate security risk for low-complexity problems clearly in writing and verbally to your team and direct leadership.
Solicit differing views and learn from peer feedback.
Travel to customer sites as needed. About the team The AWS Security Assurance Services team, within AWS Support, leverages the expertise and ingenuity of our builders to establish scalable security solutions for both internal and external customers that drive business outcomes. Our goal of securing the world’s workloads requires reliable delivery of bar-raising security outcomes and investment in security mechanisms and automation on behalf of our customers. AWS Security Assurance Services LLC, a PCI-QSAC and HITRUST External Assessor Firm, is a team of industry-certified assessors and Compliance Engineers with DevOps and Cloud Infrastructure Architect backgrounds, helping our customers achieve, maintain
automate compliance in the cloud by tying applicable audit standards to AWS service-specific features and functionality. The SAS team works with our largest enterprise customers to operationalize the shared responsibility model as they migrate to the cloud.
2+ years of web protocols, common security attacks
remediation (non-internship) experience - Bachelor's degree in Engineering, Computer Science
a related field - Knowledge of system security vulnerabilities and remediation techniques, including penetration testing and the development of exploits or equivalent - Experience with web protocols, common security attacks
remediation (non-internship) - Experience solving basic problems by writing code or scripts with some assistance - Experience in web security
experience demonstrating software engineering skills in a previous intership, work experience, coding competitions
publications and experience in networking administration and troubleshooting - 1+ years of cloud architecture and solution implementation experience
US government security clearance of top secret or above - Experience working effectively on milestone-driven projects - Experience in identifying incomplete or inaccurate data, identifying the root cause and creating/implementing an escalation plan
experience communicating results to senior leadership - Knowledge of one or more of the following domains: access-control system and methodology, network security, application- and system-development security, security architecture and models, cryptography
operations security - Experience communicating clearly and concisely with leadership, stakeholders
cross-functional teams -
Experience demonstrating software engineering skills in a previous internship, work experience, coding competitions
experience that includes strong analytical skills, attention to detail
effective communication abilities
Experience with AWS services or other cloud offerings - 1+ years of cloud based solution (AWS or equivalent), system, network and operating system experience
AWS Professional level certification - Knowledge of networking protocols such as HTTP, DNS and TCP/IP - Experience coding, scripting, automating in at least one language (e.g., Python, C, C++, Java, Ruby
PowerShell) - Experience writing technical articles, speaking at technology conferences
contributing to open source -
Experience with compliance & security standards including PCI DSS, ISO 27001, HIPAA, and NIST -
Hands-on experience with AWS security and governance services: Config, Security Hub, IAM, KMS, VPC, Lambda, CloudTrail, CloudWatch/EventBridge. -
Familiarity with AWS core services and at least one Infrastructure-as-Code tool (Terraform, AWS CDK, or CloudFormation). -
Exposure to policy-as-code tools (cfn-guard, OPA Rego, Cedar, or equivalent). -
Internships, projects, or coursework in cloud security, application security, or compliance automation. -
Familiarity with multi-account AWS Organizations and Service Control Policies. -
Industry or AWS certifications: AWS Certified AI Practitioner, AWS Solutions Architect Associate, AWS Security Specialty
equivalent (or willingness to earn within the first year). Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status, disability
other legally protected status. Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit https://amazon.jobs/content/en/how-we-hire/accommodations for more information. If the country/region you’re applying in isn’t listed, please contact your Recruiting Partner. The base salary range for this position is listed below. Your Amazon package will include sign-on payments and restricted stock units (RSUs). Final compensation will be determined based on factors including experience, qualifications
location. Amazon also offers comprehensive benefits including health insurance (medical, dental, vision, prescription, Basic Life & AD&D insurance and option for Supplemental life plans, EAP, Mental Health Support, Medical Advice Line, Flexible Spending Accounts, Adoption and Surrogacy Reimbursement coverage), 401(k) matching, paid time off
parental leave. Learn more about our benefits at https://amazon.jobs/en/benefits . USA, TN, Nashville - 132,500.00 - 179,200.00 USD annually USA, TX, Austin - 136,000.00 - 184,000.00 USD annually USA, TX, Dallas - 136,000.00 - 184,000.00 USD annually USA, TX, Houston - 136,000.00 - 184,000.00 USD annually USA, VA, Arlington - 136,000.00 - 184,000.00 USD annually USA, VA, Herndon - 136,000.00 - 184,000.00 USD annually USA, WA, Seattle - 136,000.00 - 184,000.00 USD annually

Required skills

PythonTerraformAWS CDKCloudFormationcfn-guardOPA RegoCedarAWS ConfigAWS Security HubIAMKMSVPCLambdaCloudTrailCloudWatch