Position Summary
Amazon Security’s Application Security Testing Automation and Insights team is looking for an Application Security Engineer to help proactively secure application resources across all of Amazon. You’ll work on deep research and scalable automation to identify and remediate vulnerabilities before code reaches production. This role blends big-picture problem solving with hands-on technical work—impacting some of Amazon’s largest businesses.
Key Responsibilities
-
Develop, curate, and enhance scalable application security rules for detecting vulnerabilities
-
Evaluate and recommend new security testing tools
-
Perform code deep dives and research application frameworks for weaknesses
-
Use telemetry to extract insights and detect vulnerabilities
-
Analyze and secure applications during runtime
-
Identify and mitigate perimeter exposures
-
Develop and refine security standards and guidance
-
Advocate for and implement security best practices across Amazon’s engineering teams
Basic Qualifications
-
3+ years of programming in Python, Ruby, Go, Swift, Java, .Net, C++, or similar
-
Bachelor’s degree in Computer Science or equivalent
-
Knowledge of networking protocols (HTTP, DNS, TCP/IP)
Preferred Qualifications
-
2+ years of experience in one or more of: threat modeling, secure coding, identity management, authentication, cryptography, system administration, or network security
-
Experience with AWS products and services
-
Experience with Python, Java, or C++
Why Join Amazon Security?
-
Impact: Security is central to Amazon’s customer trust, and you’ll work across diverse businesses including retail, devices, entertainment, healthcare, and cloud services
-
Diverse Experiences: We welcome candidates with non-traditional backgrounds
-
Work-Life Harmony: Flexible culture that supports balance between home and work
-
Inclusive Team Culture: DEI events, mentorship, and knowledge-sharing opportunities
APPLY