Senior Software Development Engineer, Security Automation, Capabilities, Corporate Services Security (CPSS)
Software Engineering
Arlington, VA, USA
Description
We are building the security automation platform that protects Amazon's most sensitive corporate systems, covering finance, HR, legal, and communications. You will design and own these systems end-to-end, from architecture through production operations, with full autonomy over the technology approach.
The work spans detection pipelines, security alerting platforms, custom rule engines, and developer-facing tooling that catches vulnerabilities at code review time. You will connect disparate security workflows into cohesive systems, operate alerting infrastructure that surfaces threats before they become incidents, and define how security scales across hundreds of applications. This is hands-on engineering with real architectural ownership, not a consulting or advisory role.
You will lead design across multiple concurrent efforts, mentor engineers on the team, and influence the broader security engineering strategy. The business problems are well-defined. The technology solutions are yours to build.
Key job responsibilities
- Design, build, and operate security automation systems on AWS that protect corporate applications processing sensitive financial and employee data.
- Own the architecture of detection pipelines, alerting platforms, and custom rule engines. Define the technology approach, not just implement features.
- Build integrations with application security teams to deliver continuous automated scanning that replaces manual security reviews.
- Lead technical design across multiple efforts simultaneously. Review the work of other engineers to ensure architectural coherence and production readiness.
- Write and operationalize detection rules that surface security issues during code review, before code reaches production.
- Mentor engineers, lead design reviews, and communicate technical strategy and trade-offs to leadership in writing.
A day in the life
On any given day you might author a new custom code-review rule and roll it out across a set of development teams, analyze scan results from a continuous security evaluation pilot to measure detection coverage, design the next integration between your platform and a centralized scanning service, or troubleshoot a production pipeline that processes security findings. The problems are real, the data is sensitive, and you own outcomes from design through production.
About the team
The Capabilities team builds and operates the internal tooling that the rest of our security organization depends on. Right now that includes custom code-review rule sets that we author and roll out across development teams, integrations with centralized security scanning platforms, and shared cloud infrastructure that other security teams deploy on top of. We own what we ship, from design through operations. You will work alongside security engineers and partner with application security teams across the company.