Security Engineer, AWS Security

Amazon
Amazon

London, UK

Posted on Jul 6, 2026

Description

The AppSec Security Engineer evaluates service design and architecture and performs deep-dive security assessments to ensure applications and services meet a high security bar before launch. This role works alongside senior engineers to identify issues, drive remediation, and validate that security requirements are met.

Key job responsibilities
- Security Reviews: Conduct design reviews for new and existing services, evaluating architecture documents and system designs for security risks.
- Threat Modelling: Identify attack vectors and security weaknesses in application architectures through structured threat modelling exercises.
- Penetration Testing: Coordinate penetration testing to validate security controls and identify exploitable vulnerabilities.
- Finding Management: Document, track, and communicate security findings to service teams with clear remediation guidance, and verify fixes are implemented.
- Security Guidance: Advise development teams on secure coding practices, authentication/authorization mechanisms, cryptographic implementations, and data protection strategies.
- Escalation Support: Identify and escalate high-severity issues through appropriate channels, ensuring timely remediation aligned with launch timelines.
- Documentation: Maintain clear documentation of review outcomes, security decisions, and risk assessments.
- Tool Improvements: Leverage automated tools to support reviews and improve efficiency.

About the team
Diverse Experiences
Amazon Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.