Principal Security Engineer

Job ID: 2818404 | Amazon Web Services Australia Pty Ltd

DESCRIPTION

Would you like to help implement innovative cloud computing solutions and solve the most complex technical problems? Are you excited by the prospect of helping to build and run the world's largest cloud computing infrastructure?

Amazon Web Services (AWS) builds and operates some of the largest internet infrastructure on the planet, providing companies of all sizes with an infrastructure web services platform in the cloud. With AWS, customers provision compute power, storage, database, and other cloud resources as their business demands them. To meet the growing demand for AWS Services around the globe, we need exceptionally motivated people who are driven by learning and innovation.

This is an opportunity to operate and engineer systems on a massive scale, and to gain world class experience in cloud computing. You'll be surrounded by people who are passionate about cloud computing, believe that first class service is critical to customer success, and are committed to improvement.

Top reasons to join our team:
• Be a catalyst to deliver truly disruptive products that are growing rapidly
• Influence and design distributed systems at massive scale
• Lead technical road maps and innovation plans, both internally and with external customers and suppliers, with a focus on security architecture
• Mentor and coach engineering teams to provide direction, oversight and a clear path to secure architecture design and implementation

The role will be pivotal to the technical success of the program. You will operate at the confluence between the customer and AWS, identifying, applying and evaluating secure design patterns across our cloud architecture.

As a Principal Security Engineer on the AWS Cross Domain Services (CDS) team, you will be responsible for raising the cyber security bar for CDS. You will be expected to own the secure design of AWS Cross Domain Services, lead threat modelling activities, define integrated cloud security architectures and support global engineering teams in realising the primary security patterns and ultimately your vision. Your time will be spent equally with our internal AWS stakeholder team, the service engineering teams and our external partners.

This role is open to candidates from Sydney or Melbourne.

Candidates must hold or be able to attain an Australian Government Security Vetting Agency clearance (see https://www.agsva.gov.au/applicants/eligibility-and-suitability).


Key job responsibilities
• You will be Amazon’s voice in technical security engagements, ensuring we continually obsess on customer needs, and building trust through clear and accurate architectural reviews and assessments
• You will direct and lead on changes that alter our threat models, evaluating our security posture and driving appropriate architectural mitigations across our services
• You will take the lead in reviewing designs, challenging patterns and principles, setting precedent and direction, and indexing on security whilst adhering to cloud best practices
• You will maintain the balance between achievability and affordability in our designs, ensuring the right stakeholders are informed and engaged every step of the way
• You will establish security requirements for cloud-based solutions by evaluating business strategies and requirements, implementing security standards such as NCSC Security Principles, NIST CSF, FIPS, or CSA as appropriate

A day in the life
The Principal Security Engineer will be a hands-on leader who is able to combine deep security learnings with cloud technology to drive the program architectural roadmap. You will collaborate with our customers and suppliers to model security requirements against Amazon's cloud capabilities. You will work closely with engineering teams, program management and senior stakeholders to translate requirements into achievable designs that raise the bar for Amazon. Once delivered, you will play a pivotal role in ensuring that across our program Amazon continually exceeds the high security bar that is expected by our customers.

As a security advocate you will be expected to function across Amazon teams, ensuring that the strategic architecture is met across design, implementation, deployment and operation, and playing a key role in defining the mechanisms that Amazon will use to validate how our services are meeting all the security operational controls.

Communication is an integral part of this role, and there is an expectation that you will engage with stakeholders on planning and communication of project deliverables. You may also be called upon to support operational integrity and, in the event of problems, be able to troubleshoot, research root cause, and contribute to thoroughly resolving defects whilst maintaining ongoing communication with stakeholders and customers.

About the team
Utility Computing (UC)
AWS Utility Computing (UC) provides product innovations — from foundational services such as Amazon’s Simple Storage Service (S3) and Amazon Elastic Compute Cloud (EC2), to consistently released new product innovations that continue to set AWS’s services and features apart in the industry. As a member of the UC organization, you’ll support the development and management of Compute, Database, Storage, Internet of Things (IoT), Platform, and Productivity Apps services in AWS, including support for customers who require specialized security solutions for their cloud services.

The Region Services team redefines the way AWS designs, builds, and operates AWS regions to enable new AWS Cloud Infrastructure and Services offerings to customers across every industry and of every size, including start-ups, enterprises, and public sector organizations.

Diverse Experiences
Amazon values diverse experiences. Even if you do not meet all of the preferred qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.

Why AWS
Amazon Web Services (AWS) is the world’s most comprehensive and broadly adopted cloud platform. We pioneered cloud computing and never stopped innovating — that’s why customers from the most successful startups to Global 500 companies trust our robust suite of products and services to power their businesses.

Inclusive Team Culture
Here at AWS, it’s in our nature to learn and be curious. Our employee-led affinity groups foster a culture of inclusion that empowers us to be proud of our differences. Ongoing events and learning experiences, including our Conversations on Race and Ethnicity (CORE) and AmazeCon (gender diversity) conferences, inspire us to never stop embracing our uniqueness.

Mentorship and Career Growth
We’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, mentorship and other career-advancing resources here to help you develop into a better-rounded professional.

BASIC QUALIFICATIONS

• 10+ years of industry experience in Security Engineering, leading the design, implementation and delivery of security for cloud native, distributed computing
• Experience leading the design, implementation and delivery of security for cloud native, distributed computing with a principle of “Secure by Design” and “Defence in Depth”
• Expert knowledge of content filtering techniques, tokenization within sensitive data flows and cryptographic techniques
• Expert knowledge of physical and logical secure network design, UDP/TCP protocols and cloud topologies
• Proficient in at least one modern programming language, such as Rust, Kotlin, GoLang, Java, C++, Python, C#, TypeScript, etc., used in the development of software solutions across complex production environments

PREFERRED QUALIFICATIONS

• Bachelor's or Master's degree in Computer Science or related field
• 10+ years professional experience in Security Engineering with an emphasis on cross domain solutions
• Deep hands-on technical expertise in technical analysis and cyber security
• Expert knowledge of Cross Domain Solution architectures
• Experience in applying CISSP CBK domain controls to distributed systems (for example Security and Risk Management, Asset Security, Security Architecture and Engineering, Communication and Network Security, Identity and Access Management etc)
• Experience in managing information security events and incidents for large, sophisticated networks
• Ability to lead external security testing (ITHC, Penetration Testing, etc) of solutions on the public cloud (Azure, AWS, GCP), cloud native platforms (Docker, Kubernetes, etc.), and Software as a Service solutions


Acknowledgement of country:
In the spirit of reconciliation Amazon acknowledges the Traditional Custodians of country throughout Australia and their connections to land, sea and community. We pay our respect to their elders past and present and extend that respect to all Aboriginal and Torres Strait Islander peoples today.

IDE statement:
Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer, and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, disability, age, or other legally protected attributes.