Security Engineer II, StoreSec Application Security

Amazon Healthcare Security's (HealthSec) AI team is hiring a Security Engineer II to secure GenAI applications and enable secure AI adoption across Amazon Health Services (AHS). You will work at the intersection of AI for Security and Security for AI-securing AHS GenAI applications in production, hardening the AI-SDLC for AHS builders, and building AI-powered security tooling that scales protection across healthcare verticals including application security, network and infrastructure security, detections and monitoring, and incident response.

Working closely with AHS AI application builders and product teams, you will ensure that AI systems handling healthcare data meet HIPAA compliance and Amazon's security bar while improving security review process efficiency for both builders and peer healthcare security teams.

Key job responsibilities Define and drive implementation of proactive security controls for AHS AI applications including GenAI chatbots, agentic systems, and LLM-powered tools

Develop and implement security controls for the AI-SDLC, ensuring AHS builders build secure AI applications by default

Assess and drive mitigation of AI-specific security risks including prompt injection, model abuse, data exfiltration, and unauthorized tool invocation at scale

Build and/or drive adoption of AI-powered security tooling (e.g., automated threat modeling, code scanning, security test generation) to scale security across AHS

Drive adoption of AI security guardrails, testing frameworks, and monitoring across AHS GenAI applications

Collaborate with AHS builder teams to integrate security guidance into AI development workflows, reducing late-stage security findings

Develop and maintain security documentation including AI threat models, risk assessments, and secure AI development guidelines

Support security incident investigations related to AI systems, including prompt injection attacks and model misuse

About the team The HealthSec AI team secures Amazon's healthcare AI applications and builds AI-powered security tooling to scale protection across AHS. We work across two domains: Security for AI (securing GenAI applications and the AI-SDLC) and AI for Security (building AI tools that automate security guidance, testing, and workflows). Amazon Security offers talented security professionals the chance to accelerate their careers with opportunities across cloud, devices, retail, entertainment, healthcare, operations, and physical stores.

Diverse Experiences Amazon Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn't followed a traditional path, or includes alternative experiences, don't let it stop you from applying.

Why Amazon Security? At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon's products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.

Inclusive Team Culture In Amazon Security, it's in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.

Training & Career Growth We're continuously raising our performance bar as we strive to become Earth's Best Employer. That's why you'll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.

Work/Life Balance We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why flexible work hours and arrangements are part of our culture. When we feel supported in the workplace and at home, there's nothing we can't achieve.

3+ years of programming in Python, Ruby, Go, Swift, Java, .Net, C++ or similar object oriented language experience

• Bachelor's degree in a STEM field (Science, Technology, Engineering, Mathematics), or experience in IT Security
• Experience with AI/ML technologies
• Experience applying threat modeling or other risk identification techniques or equivalent
• Knowledge of common AI security risks (prompt injection, data poisoning, model extraction, insecure tool use)

Preferred Qualifications

• Experience with programming languages such as Python, Java, C++
• Experience with AWS or cloud technologies
• 2+ years of any combination of: AI security, threat modeling, secure coding, identity management and authentication, software development, cryptography, or application security
• Experience with security testing of LLM-based applications or performing security activities across the SDLC (security design review, threat modeling, secure code review, security testing)
• Familiarity with HIPAA compliance requirements for healthcare data

The base salary range for this position is listed below. Your Amazon package will include sign-on payments and restricted stock units (RSUs). Final compensation will be determined based on factors including experience, qualifications, and location. Amazon also offers comprehensive benefits including health insurance (medical, dental, vision, prescription, Basic Life & AD&D insurance and option for Supplemental life plans, EAP, Mental Health Support, Medical Advice Line, Flexible Spending Accounts, Adoption and Surrogacy Reimbursement coverage), 401(k) matching, paid time off, and parental leave. Learn more about our benefits at https://amazon.jobs/en/benefits.

USA, TX, Austin - 159,300.00 - 202,400.00 USD annually USA, VA, Arlington - 159,300.00 - 202,400.00 USD annually USA, WA, Seattle - 159,300.00 - 202,400.00 USD annually