Principal Security Engineer, Autonomous Security

We are looking for an experienced Principal Security Engineer to join the Autonomous Security team in London. You will be a key technical leader in a team responsible for building and scaling AI-powered security solutions across Amazon's global infrastructure. This team is transforming how Amazon approaches security through autonomous detection, assessment, and remediation of security issues. We partner with security teams and service teams across Amazon to embed autonomous security capabilities throughout the development lifecycle.

You will be an expert across security automation, AI/ML systems, and application security, and will be sought out for advice on autonomous security solutions. Your role will help ensure our autonomous systems make provably correct security decisions at scale, while setting standards and defining best practices for AI-powered security. You will proactively shape the future of security automation across Amazon and be a critical leader in driving the adoption of autonomous security solutions.


Key job responsibilities
•Architecting autonomous security solutions that can scale across hundreds of thousands of applications while maintaining high precision and cost efficiency
• Setting technical direction for autonomous remediation systems, ensuring security fixes can be safely and automatically deployed
• Partnering with automated reasoning and AI scientists to develop provable security approaches for autonomous systems
• Developing and validating security patterns for AI-powered security tools, ensuring they meet Amazon's high security bar
• Leading technical design reviews and providing guidance on security automation best practices
• Building trust with security teams through rigorous validation of autonomous security decisions
• Mentoring engineers and influencing teams across Amazon on security automation
• Creating frameworks and tools that enable secure integration of AI capabilities into security workflows
• Driving adoption of autonomous security solutions by demonstrating clear security value and operational efficiency
• Continuously improving our autonomous systems based on operational metrics and security team feedback


A day in the life
A typical day as a Principal Security Engineer in Autonomous Security might include:
Morning:
• Leading a technical design review for our new autonomous remediation system, discussing approaches to prove the correctness of automated fixes
• Writing code to prototype a new security validation pattern that could be used across our autonomous agents
• Meeting with our Applied Science team to review the precision metrics of our latest security detection models
Afternoon:
• Participating in Architecture Review Board meetings to influence security automation standards across Amazon
• Providing technical guidance to teams building on our Cataphract platform
• Deep-dive session with our research team on their latest autonomous penetration testing capabilities
Throughout the week, you might:
• Partner with security teams to understand their challenges and demonstrate how autonomous solutions can help
• Review critical security decisions made by our autonomous systems
• Write design documents for new autonomous security capabilities
• Present to VP-level stakeholders on our autonomous security roadmap
• Mentor senior engineers on security automation best practices
• Collaborate with automated reasoning scientists on formal verification approaches
Your focus will shift between hands-on technical work, strategic planning, and influence activities, always driving towards our goal of transforming security through autonomous systems.


About the team
First, we're tackling the challenge of frugal scaling across Amazon's entire application landscape. While we can theoretically test and secure everything, doing so efficiently and cost-effectively at our scale requires innovative approaches that balance security, performance, and cost.

Second, we're pioneering provable security in autonomous remediation. Working alongside automated reasoning scientists, you'll architect solutions that can definitively prove the correctness of our autonomous security decisions. This is crucial as we push towards automatic code remediation in builder pipelines - a challenge that demands perfect precision.

BASIC QUALIFICATIONS

• Experience in security engineering, with significant experience in security automation or security tooling development
• Deep expertise in application security and proven track record of driving security solutions at scale
• Strong software development background with demonstrated ability to write and review production-grade code
• Experience leading technical security initiatives across multiple teams and stakeholders
• Proven ability to influence senior technical leaders and build trust with security organizations

PREFERRED QUALIFICATIONS

• Experience with AI/ML systems and their security implications
• Track record of building and deploying automated security solutions in large-scale environments
• Experience with formal methods, automated reasoning, or similar approaches to validating security decisions
• Background in security testing, penetration testing, or vulnerability assessment
• History of contributions to security automation or tooling in the broader security community
• Experience driving adoption of new security technologies across large engineering organizations