Security Engineer II, Stores Security - HealthCare
Amazon Healthcare Security's (HealthSec) Detections & Monitoring team is hiring a Security Engineer II to design, build, and operate detection and monitoring capabilities that protect Amazon Health Services (AHS) across cloud infrastructure, applications, endpoints, and AI-powered systems. You will work at the intersection of detection engineering and security operations—building detection-as-code pipelines, developing automated investigation and response workflows, and extending monitoring coverage to emerging AI and agentic application architectures.
Working closely with AHS engineering teams, peer security teams, and incident responders, you will ensure that threats targeting healthcare workloads are detected rapidly and investigated efficiently, while maintaining HIPAA compliance and Amazon's security bar. You will also leverage AI/LLM-powered tooling to scale detection, triage, and response beyond traditional approaches.
Key job responsibilities
Design, build, and maintain detection-as-code capabilities across cloud infrastructure (CloudTrail, GuardDuty, VPC Flow Logs), SaaS applications, endpoints, and identity systems, improving coverage and signal quality
Develop and deploy detections and monitoring for agentic applications and AI services, including anomaly detection for LLM-powered tools, agent orchestration systems, and AI service APIs
Build automated investigation and response workflows that replace manual runbooks, leveraging AI to scale triage, enrichment, containment, and remediation
Develop and deploy AI/LLM-powered tooling to investigations, reduce alert fatigue, and extend team capacity beyond traditional headcount constraints
Monitor telemetry data, alerting systems, and dashboards for signals of degradation, compromise, or abuse across AHS environments
Triage and correlate alerts to identify patterns, reduce noise, and surface high-fidelity signals before impact escalates
Lead and participate in incident response: detection, investigation, containment, and retrospectives, identifying root causes and driving long-term resilience improvements
Partner cross-functionally with AHS engineering and platform teams to expand logging, improve observability, and embed detection capabilities into the development lifecycle
Identify gaps in visibility or detection coverage and translate ambiguous threat landscapes into detection and response solutions
Develop and maintain security documentation: detection coverage maps, threat models, runbooks, and monitoring architecture guidelines
About the team
The HealthSec Detections & Monitoring team protects Amazon's healthcare services by building and operating detection and monitoring capabilities at scale. We detect threats across cloud infrastructure, applications, endpoints, and AI systems—and we build AI-powered tooling to make our detections smarter and our response faster. Amazon Security offers talented security professionals the chance to accelerate their careers with opportunities across cloud, devices, retail, entertainment, healthcare, operations, and physical stores.
Diverse Experiences
Amazon Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.
Why Amazon Security?
At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon’s products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.
Inclusive Team Culture
In Amazon Security, it’s in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.
Training & Career Growth
We’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.
Work/Life Balance
We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why flexible work hours and arrangements are part of our culture. When we feel supported in the workplace and at home, there’s nothing we can’t achieve.
Working closely with AHS engineering teams, peer security teams, and incident responders, you will ensure that threats targeting healthcare workloads are detected rapidly and investigated efficiently, while maintaining HIPAA compliance and Amazon's security bar. You will also leverage AI/LLM-powered tooling to scale detection, triage, and response beyond traditional approaches.
Key job responsibilities
Design, build, and maintain detection-as-code capabilities across cloud infrastructure (CloudTrail, GuardDuty, VPC Flow Logs), SaaS applications, endpoints, and identity systems, improving coverage and signal quality
Develop and deploy detections and monitoring for agentic applications and AI services, including anomaly detection for LLM-powered tools, agent orchestration systems, and AI service APIs
Build automated investigation and response workflows that replace manual runbooks, leveraging AI to scale triage, enrichment, containment, and remediation
Develop and deploy AI/LLM-powered tooling to investigations, reduce alert fatigue, and extend team capacity beyond traditional headcount constraints
Monitor telemetry data, alerting systems, and dashboards for signals of degradation, compromise, or abuse across AHS environments
Triage and correlate alerts to identify patterns, reduce noise, and surface high-fidelity signals before impact escalates
Lead and participate in incident response: detection, investigation, containment, and retrospectives, identifying root causes and driving long-term resilience improvements
Partner cross-functionally with AHS engineering and platform teams to expand logging, improve observability, and embed detection capabilities into the development lifecycle
Identify gaps in visibility or detection coverage and translate ambiguous threat landscapes into detection and response solutions
Develop and maintain security documentation: detection coverage maps, threat models, runbooks, and monitoring architecture guidelines
About the team
The HealthSec Detections & Monitoring team protects Amazon's healthcare services by building and operating detection and monitoring capabilities at scale. We detect threats across cloud infrastructure, applications, endpoints, and AI systems—and we build AI-powered tooling to make our detections smarter and our response faster. Amazon Security offers talented security professionals the chance to accelerate their careers with opportunities across cloud, devices, retail, entertainment, healthcare, operations, and physical stores.
Diverse Experiences
Amazon Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.
Why Amazon Security?
At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon’s products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.
Inclusive Team Culture
In Amazon Security, it’s in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.
Training & Career Growth
We’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.
Work/Life Balance
We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why flexible work hours and arrangements are part of our culture. When we feel supported in the workplace and at home, there’s nothing we can’t achieve.