Security Engineer II, Stores AppSec

Description

Welcome to Team LOAF. Our mission is to prevent security vulnerabilities from reaching production by identifying root causes and building scalable solutions that eliminate findings at their source.

Team LOAF focuses on systemic security improvement across the organization. We investigate significant vulnerabilities to uncover patterns, then build preventative mechanisms that reduce recurrence with minimal builder effort. Rather than simply remediating individual findings, we address the underlying causes that generate them at scale.

We prioritize our work based on impact, targeting business units with the highest volume, severity, or concentration of security findings. Our solutions (paved paths, secure defaults, and reusable components) benefit broad segments of builders across the organization.

Our approach combines deep technical analysis with scalable automation:

• Root Cause Analysis:
  We perform thorough investigations of vulnerabilities using both manual research and AI-powered tooling to identify systemic patterns across the security landscape
• Preventative Mechanisms:
  We design and implement frameworks and components that shift security left in the development lifecycle
• Security Dashboards:
  We build dashboards for teams, leadership, and customers that surface trends, highlight risky concentrations, and track remediation velocity
• AI-Driven Analysis:
  We re maturing an LLM-based engine to automate pattern detection across large datasets, enabling analysis at scale across 75M+ findings
• Cross-Functional Partnership:
  We collaborate closely with App Sec, tooling teams, security reviewers, and business units to ensure our solutions are both technically sound and practically adopted

As part of Team LOAF, you ll deliver systemic security improvements that prevent findings from reaching production, reduce builder toil, and advance the security control landscape through scalable, automated solutions. Your work will have measurable impact across the organization s security posture.

• Conduct root cause analysis of security vulnerabilities using manual research and AI-powered tooling to identify systemic patterns across the security landscape
• Design and implement preventative mechanisms, frameworks, and components that reduce vulnerability recurrence with minimal builder effort
• Develop security dashboards and metrics for teams, leadership, and customers that surface trends, highlight risky concentrations, and track remediation velocity
• Build and mature LLM-based root cause analysis engines to automate pattern detection and deliver recommendations across large datasets
• Partner with App Sec, tooling teams, security reviewers, and business units to ensure solutions are technically effective and practically adopted
• Prioritize work based on impact, targeting business units with the highest volume, severity, or concentration of security findings
• Create paved paths, secure defaults, and reusable components that benefit broad segments of builders across the organization

About Amazon Security

Amazon Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn t followed a traditional path, or includes alternative experiences, don t let it stop you from applying.

At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon s products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.

In Amazon Security, it s in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.

We re continuously raising our performance bar as we strive to become Earth s Best Employer. That s why you ll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.

We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why we strive for flexibility as part of our working culture. When we feel supported in the workplace and at home, there s nothing we can t achieve.

Basic Qualifications

• 2+ years of scripting, programming, and security code review in a common programming language (non-internship) experience
• 2+ years of troubleshooting systems issues, analyzing…