Security Engineering Manager, AWS Security Testing
Job Description:
Shape the future of cloud security at AWS. Lead a specialized team of penetration testing engineers protecting millions of customers worldwide.
AWS is the leading cloud service provider, providing virtualised infrastructure, storage, networking, messaging, and many other services to customers all over the world, including government customers. AWS runs a globally distributed environment, operating at massive levels of scale. Businesses, from start-ups to enterprises to large government customers, run their operations and applications on AWS' highly secure infrastructure.
We are looking for a Security Engineering Manager to lead a team of penetration testing engineers who are responsible for validating that our services, applications, and websites are secured against the latest threats. In this role, you will evolve our security testing mechanisms and create metrics to demonstrate your team's performance. Your primary focus will be to raise the security bar on behalf of our customers, ensuring they are confident in the security of their data.
Key Job Responsibilities:
* Inspire and align your team toward a common purpose, providing strategic mental models and tools to achieve organizational goals.
* Leverage the strengths of individual team members, delegating tasks appropriately and managing delivery of long-term initiatives.
* Conduct ongoing evaluation of team performance, assessing effectiveness, efficiency, and interpersonal dynamics that contribute to achieving team objectives aligned with organizational priorities.
* Coach for results by providing guidance, support, and development opportunities to help your team continuously learn and consistently achieve outcomes.
* Define metrics to quickly and accurately present the team's performance and variance against its goals.
* Participate in and/or coordinate segments of cross-AWS initiatives, communicating status and results effectively across the division.
* Seek out stretch assignments for your current team and foster their professional career development.
* Drive security initiatives and process improvements.
* Lead recruitment efforts to build and maintain a high-performing team.
A Day in the Life:
You'll lead a specialized team of penetration testing engineers while balancing both technical leadership and people management responsibilities. Your typical day involves guiding your team's security testing efforts across AWS services, collaborating with service teams on current and upcoming engagements, and ensuring robust security standards are maintained. You'll spend time mentoring your team members, reviewing critical security findings, and helping identify ways for us to continuously improve.
About the Team:
We value diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn't followed a traditional path, or includes alternative experiences, don't let it stop you from applying. Our inclusive culture empowers Amazonians to deliver the best results for our customers.
BASIC QUALIFICATIONS:
* BS in Computer Science, Management Information Systems, Engineering or related field, or equivalent work experience and experience directly managing a team of at least five engineers.
* Hands-on knowledge of information security technologies such as security design review, threat modelling, risk analysis, and software testing techniques and experience with AWS services, especially security-relevant services (ex: GuardDuty, CloudTrail, KMS, IAM).
* Experience driving large, cross-organization initiatives and experience managing communication with geographically distributed teams and excellent written and verbal communication skills, especially experience with executive-level communications and skilled at explaining complex technical issues in terms understandable by the business.
* Strong sense of ownership, urgency, and drive and ability to make concrete progress in the face of ambiguity and imperfect knowledge and experience providing training and mentorship.
PREFERRED QUALIFICATIONS:
* Experience with multiple programming languages (such as, Java, C++, Ruby, Python, Rust, etc.).
* Experience with vulnerability risk and impact assessment.
* Knowledge of engineering practices and patterns for the full software development life cycle, including coding standards, code reviews, source control management, build processes, testing, and operational excellence.