Software Development Engineer II, Amazon Foundational Security Services
Amazon.com
Amazon Foundational Security Services (AFSS) is seeking a Software Development Engineer to join our Identity and Access Management team, where you'll transform how Amazon secures and manages its third-party cloud infrastructure at unprecedented scale. The Identity team owns a comprehensive suite of services that support Amazon's third-party cloud usage across Microsoft Entra, Google Cloud, and other cloud platforms, including identity lifecycle management, SCIM integration, user provisioning and deprovisioning, and enterprise authentication workflows. In this role, you'll design and implement event-driven architectures that process millions of identity events daily while maintaining strict security SLAs for hundreds of thousands of users across AWS native and third-party cloud applications worldwide.
Beyond identity management, you'll be instrumental in implementing and operating cloud security posture management (CSPM) solutions for continuous vulnerability scanning across Amazon's multi-cloud environments (similar to platforms like Wiz and CrowdStrike). You'll build automation for configuration-as-code frameworks (similar to Desired State Configuration and AWS Config) to ensure compliance and security baselines, develop log ingestion pipelines that aggregate security telemetry from diverse cloud platforms, and create monitoring and observability frameworks that provide real-time visibility into our security posture. Your solutions will power critical workflows including single sign-on with Entra, identity synchronization via Entra Connect, Google Workspace integration, certificate lifecycle management, and real-time access control enforcement across all Amazon businesses and teams globally.
You'll work with massive data sets, collaborate with business partners and leadership to influence product vision, and contribute to the design of systems that directly impact thousands of developers and teams company-wide. This is a high-impact opportunity where you'll see all aspects of the Amazon business—from Retail websites to digital products to the inner workings of Amazon Web Services—and your work will benefit both internal teams and Amazon's external customers. We're looking for a strong engineer with a background in third-party cloud identity systems, security tooling, and infrastructure automation, with experience designing and operating technology solutions across multiple cloud providers.
Key job responsibilities
Design and implement event-driven architectures for third-party cloud identity lifecycle management, including SCIM integrations with Microsoft Entra, Entra Connect synchronization, and Google Workspace provisioning that process millions of identity events
Deploy and operate cloud security posture management (CSPM) solutions such as Wiz and CrowdStrike to perform continuous vulnerability scanning, threat detection, and compliance monitoring across multi-cloud environments
Build configuration-as-code frameworks using Desired State Configuration, AWS Config, and infrastructure automation tools to enforce security baselines, maintain compliance requirements, and enable self-service security controls
Develop log ingestion pipelines and observability platforms that aggregate security telemetry, identity events, and configuration data from Microsoft Entra, Google Cloud, AWS, and other third-party cloud platforms
Collaborate with business partners, leadership, and engineering teams to support product vision, contribute to system design for identity and security services, diagnose and fix production issues, and participate in on-call rotations to maintain strict security SLAs
A day in the life
Your day is spent designing and building systems that secure Amazon's multi-cloud infrastructure at scale. You'll develop event-driven solutions for identity lifecycle management, implement SCIM integrations with Microsoft Entra and Google Workspace, and contribute to configuration-as-code frameworks that enforce security baselines. You'll build log ingestion pipelines aggregating security telemetry from diverse sources, support CSPM integration workflows for vulnerability scanning, and create automation for certificate lifecycle management. In design reviews, you'll collaborate with senior engineers on architectural decisions, write code, and translate business requirements into technical specifications that scale across multiple cloud providers.
About the team
Diverse Experiences
Amazon Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.
Why Amazon Security?
At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon’s products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.
Inclusive Team Culture
In Amazon Security, it’s in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.
Training & Career Growth
We’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.
Work/Life Balance
We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why flexible work hours and arrangements are part of our culture. When we feel supported in the workplace and at home, there’s nothing we can’t achieve.
Beyond identity management, you'll be instrumental in implementing and operating cloud security posture management (CSPM) solutions for continuous vulnerability scanning across Amazon's multi-cloud environments (similar to platforms like Wiz and CrowdStrike). You'll build automation for configuration-as-code frameworks (similar to Desired State Configuration and AWS Config) to ensure compliance and security baselines, develop log ingestion pipelines that aggregate security telemetry from diverse cloud platforms, and create monitoring and observability frameworks that provide real-time visibility into our security posture. Your solutions will power critical workflows including single sign-on with Entra, identity synchronization via Entra Connect, Google Workspace integration, certificate lifecycle management, and real-time access control enforcement across all Amazon businesses and teams globally.
You'll work with massive data sets, collaborate with business partners and leadership to influence product vision, and contribute to the design of systems that directly impact thousands of developers and teams company-wide. This is a high-impact opportunity where you'll see all aspects of the Amazon business—from Retail websites to digital products to the inner workings of Amazon Web Services—and your work will benefit both internal teams and Amazon's external customers. We're looking for a strong engineer with a background in third-party cloud identity systems, security tooling, and infrastructure automation, with experience designing and operating technology solutions across multiple cloud providers.
Key job responsibilities
Design and implement event-driven architectures for third-party cloud identity lifecycle management, including SCIM integrations with Microsoft Entra, Entra Connect synchronization, and Google Workspace provisioning that process millions of identity events
Deploy and operate cloud security posture management (CSPM) solutions such as Wiz and CrowdStrike to perform continuous vulnerability scanning, threat detection, and compliance monitoring across multi-cloud environments
Build configuration-as-code frameworks using Desired State Configuration, AWS Config, and infrastructure automation tools to enforce security baselines, maintain compliance requirements, and enable self-service security controls
Develop log ingestion pipelines and observability platforms that aggregate security telemetry, identity events, and configuration data from Microsoft Entra, Google Cloud, AWS, and other third-party cloud platforms
Collaborate with business partners, leadership, and engineering teams to support product vision, contribute to system design for identity and security services, diagnose and fix production issues, and participate in on-call rotations to maintain strict security SLAs
A day in the life
Your day is spent designing and building systems that secure Amazon's multi-cloud infrastructure at scale. You'll develop event-driven solutions for identity lifecycle management, implement SCIM integrations with Microsoft Entra and Google Workspace, and contribute to configuration-as-code frameworks that enforce security baselines. You'll build log ingestion pipelines aggregating security telemetry from diverse sources, support CSPM integration workflows for vulnerability scanning, and create automation for certificate lifecycle management. In design reviews, you'll collaborate with senior engineers on architectural decisions, write code, and translate business requirements into technical specifications that scale across multiple cloud providers.
About the team
Diverse Experiences
Amazon Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.
Why Amazon Security?
At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon’s products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.
Inclusive Team Culture
In Amazon Security, it’s in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.
Training & Career Growth
We’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.
Work/Life Balance
We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why flexible work hours and arrangements are part of our culture. When we feel supported in the workplace and at home, there’s nothing we can’t achieve.
Confirmar seu email: Enviar Email
Todos os Empregos de Amazon.com