Software Development Engineer, AWS Vulnerability Management
Amazon
Description
In this role, you will design and build innovative tooling and GenAI-powered solutions that enable attestation of fleet and security control information to internal and external audit and regulatory bodies. You will create systems that help security engineers investigate, understand, and articulate the true nature of risks associated with software vulnerabilities across AWS. Your work will include building automation to prioritize risks, developing programs that report accurately on contextualized risk, and collaborating closely with stakeholders in Security Assurance and Proactive Security to simplify how we measure risk across our lines of business and services. This role combines long-term strategic technical projects that raise the bar on security tooling across the enterprise with the excitement and challenge of rapidly adapting to changing attestation needs for a globally distributed fleet.
In this role you will be expected to deliver:
* Design and build scalable tools and platforms that automate the collection, validation, and attestation of security control and fleet data
*Develop systems that enable security teams to investigate and contextualize vulnerability risks across all AWS products and services
*Create APIs and integrations that connect compliance, risk, and attestation systems with audit workflows
*Build self-service capabilities that empower teams to efficiently respond to audit and regulatory requests
GenAI & Intelligence Features
* Implement GenAI-powered features to accelerate evidence gathering, risk analysis, and compliance documentation
* Develop intelligent systems that help articulate and communicate risk context to diverse audiences
* Create automated report generation capabilities that translate technical security data into audit-ready attestations
* Leverage LLMs and machine learning to improve risk prioritization and decision-making
Collaboration & Impact
To be successful you will partner closely with Security Assurance and Proactive Security teams to understand requirements and deliver solutions that simplify risk measurement. You will work with security engineers to understand their workflows and build tools that enhance their effectiveness and
collaborate with audit and compliance stakeholders to ensure tooling meets regulatory and attestation standards.
T
Key job responsibilities
*Tooling & Automation Development
Design and build scalable tools and platforms that automate the collection, validation, and attestation of security control and fleet data
Develop systems that enable security teams to investigate and contextualize vulnerability risks across all AWS products and services
Create APIs and integrations that connect compliance, risk, and attestation systems with audit workflows
Build self-service capabilities that empower teams to efficiently respond to audit and regulatory requests
GenAI & Intelligence Features
Implement GenAI-powered features to accelerate evidence gathering, risk analysis, and compliance documentation
Develop intelligent systems that help articulate and communicate risk context to diverse audiences
Create automated report generation capabilities that translate technical security data into audit-ready attestations
Leverage LLMs and machine learning to improve risk prioritization and decision-making
Collaboration & Impact
Partner closely with Security Assurance and Proactive Security teams to understand requirements and deliver solutions that simplify risk measurement
Work with security engineers to understand their workflows and build tools that enhance their effectiveness
Collaborate with audit and compliance stakeholders to ensure tooling meets regulatory and attestation standards
Contribute to the technical direction of compliance and attestation systems across AWS
Technical Excellence
Demonstrate both depth and breadth in your technical knowledge, from low-level systems to high-level architecture
Build robust, maintainable code that meets the highest standards for security and reliability
Define and track metrics and KPIs to measure the effectiveness and adoption of your tools
Participate in technical design reviews and contribute thought leadership on compliance automation
About the team
About Amazon Security
Diverse Experiences
Amazon Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.
Why Amazon Security?
At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon’s products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.
Inclusive Team Culture
In Amazon Security, it’s in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.
Training & Career Growth
We’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.
Work/Life Balance
We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why flexible work hours and arrangements are part of our culture. When we feel supported in the workplace and at home, there’s nothing we can’t achieve.