Security Engineer , Global Media and Entertainment Security
Amazon, San Francisco, CA, United States
Security Engineer, Global Media and Entertainment Security
Job ID: 10379526 | Amazon.com Services LLC
We are changing the way millions of customers interact with entertainment that enriches lives. Amazon Global Media and Entertainment delivers experiences at unparalleled scale. Whether it's launching our own studio to create original and exclusive content or connecting players and developers to the games and communities they love, Amazon Global Media and Entertainment Security is at the center of customer, builder, and content journeys. Come build with us.
We are looking for a Security Engineer to strengthen our network edge defenses through data‑driven security optimization. In this role, you'll support our network edge team by developing threat models, analyzing traffic patterns, and tuning security configurations to reduce detection blind spots, accelerate incident response, and fortify our defenses against application‑layer attacks.
As a Security Engineer within Global Media and Entertainment, you will collaborate with engineering teams to drive the implementation and validation of security controls prior to production launch. You will provide frontline support for partners on security‑related issues, including design reviews, network monitoring, and emerging threat response. This role requires thought leadership as you invent and innovate to protect our customers and content at scale.
Key job responsibilities
Perform traffic analysis to identify anomalies in request headers, cookies, and payloads that indicate attacks
Design and implement custom WAF rules based on identified threat patterns balancing security with customer experience
Execute DDoS penetration testing against anti‑DDoS protections to validate and enhance defense capabilities
Configure bot management solutions to distinguish between legitimate traffic and malicious actors
Build and maintain security dashboards for WAF and API metrics to improve visibility and accelerate threat detection
Develop threat models and conduct log analysis to improve security and optimization opportunities
Provide security engineering expertise to develop with security designs and security control implementation for systems that interact with the edge systems, and which have a direct impact on the Customer experience
A day in the life
As a Security Engineer, you'll start your day reviewing overnight security alerts and analyzing traffic patterns for anomalies. You might spend your morning collaborating with a development team on a design review for an upcoming service launch, ensuring security controls are properly integrated. In the afternoon, you could be tuning WAF rules to address a new attack pattern you've identified in the logs, or working with the infrastructure team to optimize edge security configurations. You'll balance proactive security improvements with reactive incident response, always making risk‑based decisions grounded in data. Your work directly impacts millions of customers by keeping their entertainment experiences secure and uninterrupted.
Basic Qualifications
3+ years of non‑internship background in troubleshooting systems issues, analyzing logs, or automating complex tasks using command line tools
3+ years of work in identifying security issues and risks, and developing mitigation plans
3+ years of scripting, programming, or security code review in a common language, such as Python, Java, or C++
Experience with security in service‑oriented architectures/microservices and web services
Knowledge of networking protocols, including HTTP(S), DNS, and TCP/IP
Preferred Qualifications
2+ years of any combination of threat modeling experience, secure coding, identity management and authentication, software development, cryptography, system administration, and network security experience
Knowledge of command line tools to troubleshoot protocols, analyze log outputs, or automate basic tasks
Experience in scripting, programming, or security code reviewing in a common language, such as Python, Java, or C++
3+ years of experience with WAF rule tuning and optimization
3+ years of experience troubleshooting and analyzing logs to detect and respond to anomalies, DDoS attacks, and API security threats
Benefits
Amazon offers comprehensive benefits including health insurance (medical, dental, vision, prescription, Basic Life & AD&D insurance and an option for Supplemental life plans, EAP, Mental Health Support, Medical Advice Line, Flexible Spending Accounts), adoption and surrogacy reimbursement coverage, 401(k) matching, paid time off, and parental leave. Learn more about our benefits at https://amazon.jobs/en/benefits.
Amazon is an equal‑opportunity employer and does not discriminate on the basis of protected veteran status, disability, or other legally protected status.
Salary Range
USA, CO, Denver – $159,300.00 – $202,400.00 USD annually.
#J-18808-Ljbffr
Job ID: 10379526 | Amazon.com Services LLC
We are changing the way millions of customers interact with entertainment that enriches lives. Amazon Global Media and Entertainment delivers experiences at unparalleled scale. Whether it's launching our own studio to create original and exclusive content or connecting players and developers to the games and communities they love, Amazon Global Media and Entertainment Security is at the center of customer, builder, and content journeys. Come build with us.
We are looking for a Security Engineer to strengthen our network edge defenses through data‑driven security optimization. In this role, you'll support our network edge team by developing threat models, analyzing traffic patterns, and tuning security configurations to reduce detection blind spots, accelerate incident response, and fortify our defenses against application‑layer attacks.
As a Security Engineer within Global Media and Entertainment, you will collaborate with engineering teams to drive the implementation and validation of security controls prior to production launch. You will provide frontline support for partners on security‑related issues, including design reviews, network monitoring, and emerging threat response. This role requires thought leadership as you invent and innovate to protect our customers and content at scale.
Key job responsibilities
Perform traffic analysis to identify anomalies in request headers, cookies, and payloads that indicate attacks
Design and implement custom WAF rules based on identified threat patterns balancing security with customer experience
Execute DDoS penetration testing against anti‑DDoS protections to validate and enhance defense capabilities
Configure bot management solutions to distinguish between legitimate traffic and malicious actors
Build and maintain security dashboards for WAF and API metrics to improve visibility and accelerate threat detection
Develop threat models and conduct log analysis to improve security and optimization opportunities
Provide security engineering expertise to develop with security designs and security control implementation for systems that interact with the edge systems, and which have a direct impact on the Customer experience
A day in the life
As a Security Engineer, you'll start your day reviewing overnight security alerts and analyzing traffic patterns for anomalies. You might spend your morning collaborating with a development team on a design review for an upcoming service launch, ensuring security controls are properly integrated. In the afternoon, you could be tuning WAF rules to address a new attack pattern you've identified in the logs, or working with the infrastructure team to optimize edge security configurations. You'll balance proactive security improvements with reactive incident response, always making risk‑based decisions grounded in data. Your work directly impacts millions of customers by keeping their entertainment experiences secure and uninterrupted.
Basic Qualifications
3+ years of non‑internship background in troubleshooting systems issues, analyzing logs, or automating complex tasks using command line tools
3+ years of work in identifying security issues and risks, and developing mitigation plans
3+ years of scripting, programming, or security code review in a common language, such as Python, Java, or C++
Experience with security in service‑oriented architectures/microservices and web services
Knowledge of networking protocols, including HTTP(S), DNS, and TCP/IP
Preferred Qualifications
2+ years of any combination of threat modeling experience, secure coding, identity management and authentication, software development, cryptography, system administration, and network security experience
Knowledge of command line tools to troubleshoot protocols, analyze log outputs, or automate basic tasks
Experience in scripting, programming, or security code reviewing in a common language, such as Python, Java, or C++
3+ years of experience with WAF rule tuning and optimization
3+ years of experience troubleshooting and analyzing logs to detect and respond to anomalies, DDoS attacks, and API security threats
Benefits
Amazon offers comprehensive benefits including health insurance (medical, dental, vision, prescription, Basic Life & AD&D insurance and an option for Supplemental life plans, EAP, Mental Health Support, Medical Advice Line, Flexible Spending Accounts), adoption and surrogacy reimbursement coverage, 401(k) matching, paid time off, and parental leave. Learn more about our benefits at https://amazon.jobs/en/benefits.
Amazon is an equal‑opportunity employer and does not discriminate on the basis of protected veteran status, disability, or other legally protected status.
Salary Range
USA, CO, Denver – $159,300.00 – $202,400.00 USD annually.
#J-18808-Ljbffr