Skip to content
mimi
All jobs · Security Engineer jobs

Security Engineer, Leo Security

Amazon

Arlington · On-site Full-time $159k – $202k/yr Yesterday
Apply with a tailored resume Save job

About the role

Here’s a quick snapshot of the role so you can see at a glance what’s most important. Let me know if you’d like a deeper dive into any section (e.g., interview prep, résumé tailoring, or a mock “day‑in‑the‑life” scenario).

📍 Position Overview

Team: Leo Security – Project Leo (low‑Earth‑orbit broadband constellation)
Locations: Arlington, VA | Redmond, WA (U.S.)
Employment Type: Full‑time, Amazon Security
Salary Range: $159,300 – $202,400 USD base (plus sign‑on, RSUs, benefits)

🎯 Core Responsibilities

Area What You’ll Do
Detection & Automation Design & implement Kuiper’s detection pipeline; create/deploy testing tools; work with automation teams to surface discoverable vulnerabilities.
Risk & Vulnerability Management Identify design/implementation defects; build compensating detective controls; guide product teams on security decisions; measure org‑wide security execution.
Strategic Guidance Partner with business and product leaders to set security priorities; act as a trusted advisor; help define security requirements for new product launches.
Technical Debt & Long‑Term Risk Assess technical debt, propose architectural fixes, lead burn‑down of long‑term risk.
Mentorship & Culture Instill security mindset across builder teams; run 1‑on‑1s, office hours, and mentorship for aspiring security engineers.
Red‑Team Enablement Prioritize security testing, scope penetration tests, deep‑dive findings, and devise detection mechanisms for emerging threats.
Hands‑On Hacking Get to play with bleeding‑edge satellite‑tech and security tooling.

🛠️ Required Skills & Experience

Minimum Details
Programming 3+ years in Python, Ruby, Go, Swift, Java, .NET, C++ or similar OO language.
Scripting / Code Review 2+ years of security‑focused scripting, code review, and automation (non‑internship).
Systems Troubleshooting 2+ years analyzing logs, using CLI tools, automating routine tasks.
Education Bachelor’s in a STEM field or equivalent IT‑Security experience.
Networking Basics Understanding of HTTP, DNS, TCP/IP.

🌟 Preferred (Nice‑to‑Have) Qualifications

  • Threat modeling, secure coding, identity/authentication, cryptography, sysadmin, or network security (2+ years).
  • Proficiency with command‑line troubleshooting and log analysis.
  • Hands‑on experience with AWS services.
  • Direct involvement in security activities across the SDLC (design review, threat modeling, secure code review, security testing).

🤝 Culture & Benefits

  • Diverse, inclusive environment – Amazon encourages applicants from non‑traditional backgrounds.
  • Learning & growth – Access to DEI events, knowledge‑sharing sessions, and a wide range of security domains (cloud, devices, retail, health, etc.).
  • Work‑life harmony – Flexible hours & arrangements; emphasis on balance.
  • Comprehensive benefits – Medical/dental/vision, 401(k) match, paid time off, parental leave, mental‑health resources, adoption/surrogacy reimbursement, and more.

📋 Export‑Control Requirement

Because of U.S. export‑control regulations, candidates must be:

  • U.S. citizen or national, or
  • U.S. permanent resident (Green Card holder), or
  • Lawfully admitted as a refugee or granted asylum.

Next Steps / How I Can Help

  • Resume polish – Align your experience with the “Core Responsibilities” and “Preferred Qualifications.”
  • Interview prep – Sample behavioral (STAR) questions and technical scenarios (e.g., designing a detection pipeline, threat‑modeling a satellite service).
  • Salary negotiation tips – How to discuss base, RSU, and sign‑on components.
  • Relocation guidance – If you’re moving to Arlington or Redmond, I can share cost‑of‑living insights and Amazon’s relocation support.

Just let me know which area you’d like to focus on, and we can dive right in!

Requirements

  • 3+ years of programming in Python, Ruby, Go, Swift, Java, .Net, C++ or similar object oriented language experience
  • 2+ years of scripting, programming, and security code review in a common programming language (non-internship) experience
  • 2+ years of troubleshooting systems issues, analyzing logs, or automating basic tasks using command line tools (non-internship) experience
  • Knowledge of networking protocols such as HTTP, DNS and TCP/IP
  • 2+ years of any combination of the following: threat modeling experience, secure coding, identity management and authentication, software development, cryptography, system administration and network security experience
  • Knowledge of command line tools to troubleshoot protocols, analyze log outputs, or automate basic tasks
  • Knowledge of networking protocols such as HTTP(S), DNS, and TCP/IP
  • Experience with AWS products and services
  • Experience performing security activities across one or more phases of the software development lifecycle (SDLC), such as security design review, threat modeling, secure code review, and security testing

Responsibilities

  • Help define develop and implement Kuiper's detection pipeline.
  • Advocate for the creation & deployment of new testing tools, and detection mechanisms.
  • Leverage support from automation teams that find discoverable vulnerabilities.
  • Identify design & implementation defects and build compensating detective controls.
  • Support product development processes by providing consultation services on difficult security decisions.
  • Collaborate with business leaders to define security priorities.
  • Support product leaders by acting as a trusted advisor.
  • Support leaders by providing them with direction that makes security easy.
  • Help leaders measure their org's security execution.
  • Guide teams towards outcomes that produce products that safely handle customer data.
  • Collaborate with builder teams to assess technical debt and risk.
  • Provide strategic direction that addresses vulnerabilities and fortifies our products.
  • Be a resource that leads the burn down of long-term risk.
  • Instill a security culture in builder teams.
  • Mentor builders who aspire to become security advocates & security engineers via 1-1 sessions & office hours.
  • Assist Red Teams in identifying security testing priorities.
  • Assist in scoping penetration tests and help deep-dive on these engagements.
  • Investigate emerging security issue, root cause them, and devise mechanisms to detect them.
  • Hack some really cool bleeding edge tech!

Benefits

health_insurancedental_coveragepaid_time_off

Skills

AWSC++.NETGoHTTPHTTP(S)identity managementJavanetwork securitynetworking protocolsPythonRubysecure codingsecurity code reviewsoftware developmentSwiftsystem administrationTCP/IPthreat modelingtroubleshooting

Similar roles

Senior Ceph Engineer Enhancing Cloud Storage Architectures

ELITS

Fullstack Application Developer

Integrated Resources, Inc ( IRI )

Staff / Principal Software Engineer

Inworld AI

CA$180k – CA$260k/yr

Don't send a generic resume

Paste this job description into Mimi and get a resume tailored to exactly what the hiring team is looking for.

Get started free