Security Engineering Manager, AWS Security Testing, AWS Proactive Security

Description

Shape the future of cloud security at AWS! Lead a specialized team of penetration testing engineers protecting millions of customers worldwide. Join the leading cloud provider and drive impactful security initiatives while developing your leadership career at a global scale.

Amazon Web Services (AWS) is the leading cloud service provider, providing virtualized infrastructure, storage, networking, messaging, and many other services to customers all over the world, including government customers. AWS runs a globally distributed environment, operating at massive levels of scale. Businesses, from start-ups to enterprises to large government customers, run their operations and applications on AWS’ highly secure infrastructure.

We are looking for a Security Engineering Manager to lead a team of penetration testing engineers who are responsible for validating that our services, applications, and websites are secured against the latest threats. In this role, you will evolve our security testing mechanisms and create metrics to demonstrate your team's performance. Your primary focus will be to raise the security bar on behalf of our customers, ensuring they are confident in the security of their data.

As a Security Engineering Manager at Amazon, you will be expected to lead with vision and strategic clarity, equipping and empowering your team with clear direction on immediate and future priorities. You will need to demonstrate deep knowledge of cyber security domains and be a sought-after thought leader across the organization. Your technical expertise should demonstrate both depth and breadth, allowing you to speak authoritatively on behalf of your team and actively participate in our organization's planning processes.

In this role, you'll need to demonstrate resilience habitually, practicing and strengthening the ability to recover and positively cope with change, ambiguity, stress, and setbacks both individually and as a team. This skill will be crucial as you combine long-term strategic planning to raise the bar on security across the enterprise with the excitement and challenge of quickly reacting to new threat scenarios.

Key job responsibilities
- Inspire and align your team toward a common purpose, providing strategic mental models and tools to achieve organizational goals
- Leverage the strengths of individual team members, delegating tasks appropriately and managing delivery of long-term initiatives
- Conduct ongoing evaluation of team performance, assessing effectiveness, efficiency, and interpersonal dynamics that contribute to achieving team objectives aligned with organizational priorities
- Coach for results by providing guidance, support, and development opportunities to help your team continuously learn and consistently achieve outcomes
- Define metrics to quickly and accurately present the team's performance and variance against its goals
- Participate in and/or coordinate segments of cross-AWS initiatives, communicating status and results effectively across the division
- Seek out stretch assignments for your current team and foster their professional career development
- Drive security initiatives and process improvements
- Lead recruitment efforts to build and maintain a high-performing team

A day in the life
As a Security Engineering Manager at AWS, you'll lead a specialized team of penetration testing engineers while balancing both technical leadership and people management responsibilities. Your typical day involves guiding your team's security testing efforts across AWS services, collaborating with service teams on current and upcoming engagments, and ensuring robust security standards are maintained.

You'll spend time mentoring your team members, reviewing critical security findings, and helping identify ways for us to continuously improve. You'll regularly connect with other security leaders and service teams to share insights and align on security initiatives. Some days you'll be deep in strategic planning or reviewing metrics to improve your team's effectiveness, while others might involve hands-on technical guidance for complex security assessments or interviewing potential new team members.

The role requires you to stay current with emerging security threats while ensuring your team has the tools and support they need to perform at their best. Whether you're presenting security recommendations to leadership or helping your team navigate challenging technical problems, you'll play a crucial role in protecting AWS customers and maintaining their trust in our services.


About the team
At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon’s products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.

Diverse Experiences
Amazon Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.

Inclusive Team Culture
In Amazon Security, it’s in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.

Training & Career Growth
We’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.

Work/Life Balance
We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why we strive for flexibility as part of our working culture. When we feel supported in the workplace and at home, there’s nothing we can’t achieve.

Mentorship & Career Growth
We’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, mentorship and other career-advancing resources here to help you develop into a better-rounded professional.


Our team is embarking on an exciting transformation year focused on working smarter, not just harder. We're continuously improving our approach to security testing by tackling issues at their source through "shift left" initiatives, aiming to prevent security issues before they reach our Pre-Launch security mechanisms. Simultaneously, we're enhancing our operations through automation and process optimization, targeting a significant boost in team productivity. We're also refining our testing strategy to be more precise and impactful, ensuring we focus our expertise where it matters most. These goals reflect our commitment to evolving from traditional security testing to a more proactive, efficient security engineering organization.

Basic Qualifications

- BS in Computer Science, Management Information Systems, Engineering or related field, or equivalent work experience and experience directly managing a team of at least five engineers
- 5+ Years of Hands-on knowledge of information security technologies such as security design review, threat modelling, risk analysis, and software testing techniques and experience with AWS services, especially security-relevant services (ex: GuardDuty, CloudTrail, KMS, IAM)
- 5+ Years of Experience driving large, cross-organization initiatives and experience managing communication with geographically distributed teams and excellent written and verbal communication skills, especially experience with executive-level communications and skilled at explaining complex technical issues in terms understandable by the business

Preferred Qualifications

- Experience with multiple programming languages (such as, Java, C++, Ruby, Python, Rust, etc.)
- Experience with vulnerability risk and impact assessment
- Knowledge of engineering practices and patterns for the full software development life cycle, including coding standards, code reviews, source control management, build processes, testing, and operational excellence

Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status.

Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit https://amazon.jobs/content/en/how-we-hire/accommodations for more information. If the country/region you’re applying in isn’t listed, please contact your Recruiting Partner.

Our compensation reflects the cost of labor across several US geographic markets. The base pay for this position ranges from $157,600/year in our lowest geographic market up to $272,400/year in our highest geographic market. Pay is based on a number of factors including market location and may vary depending on job-related knowledge, skills, and experience. Amazon is a total compensation company. Dependent on the position offered, equity, sign-on payments, and other forms of compensation may be provided as part of a total compensation package, in addition to a full range of medical, financial, and/or other benefits. For more information, please visit https://www.aboutamazon.com/workplace/employee-benefits. This position will remain posted until filled. Applicants should apply via our internal or external career site.