You'll write code, ship custom controls, run security investigations, lead design and code reviews ... and products. - Identify risks and edge cases; propose implementation paths and go/no-go gates ...
You'll write code, ship custom controls, run security investigations, lead design and code reviews ... and products. - Identify risks and edge cases; propose implementation paths and go/no-go gates ...
... and products. - Identify risks and edge cases; propose implementation paths and go/no-go gates ... code review in a common programming language (non-internship) experience - 2+ years of ...
... and products. - Identify risks and edge cases; propose implementation paths and go/no-go gates ... code review in a common programming language (non-internship) experience - 2+ years of ...
Product Review Engineer
San Antonio, TX · On-site
$79/hr
Product Review Engineer LOCATION: San Antonio, TX PAY RATE: $ 79.00/hour We are a national ... S. security clearance? * Do you meet the educational and experience requirements for this role?
Quick apply
Product Review Engineer
San Antonio, TX · On-site
$79/hr
Product Review Engineer LOCATION: San Antonio, TX PAY RATE: $ 79.00/hour We are a national ... S. security clearance? * Do you meet the educational and experience requirements for this role?
Senior Security & Compliance Engineer , AWS Security Assurance Services
Austin, TX · On-site
$113K - $155K/yr
Key job responsibilities Engineer AI-enabled automations, lead threat modeling, security design ... Write and review architecture, code, scripts, IaC, including Python, Terraform, AWS CDK ...
Senior Security & Compliance Engineer , AWS Security Assurance Services
Austin, TX · On-site
$113K - $155K/yr
Key job responsibilities Engineer AI-enabled automations, lead threat modeling, security design ... Write and review architecture, code, scripts, IaC, including Python, Terraform, AWS CDK ...
Senior Security & Compliance Engineer , AWS Security Assurance Services
Austin, TX · On-site
$113K - $155K/yr
Key job responsibilities Engineer AI-enabled automations, lead threat modeling, security design ... Write and review architecture, code, scripts, IaC, including Python, Terraform, AWS CDK ...
Senior Security & Compliance Engineer , AWS Security Assurance Services
Austin, TX · On-site
$113K - $155K/yr
Key job responsibilities Engineer AI-enabled automations, lead threat modeling, security design ... Write and review architecture, code, scripts, IaC, including Python, Terraform, AWS CDK ...
Product Security Engineer
Dallas, TX · On-site
$100K - $110K/yr
Manage the local security systems (CCTV, access control, intrusion detection); periodically review ... Bachelor/Master in IT, engineering, product security or equal through experience. * Additional ...
Quick apply
Product Security Engineer
Dallas, TX · On-site
$100K - $110K/yr
Manage the local security systems (CCTV, access control, intrusion detection); periodically review ... Bachelor/Master in IT, engineering, product security or equal through experience. * Additional ...
Senior Product Security Engineer - Applications
Plano, TX · On-site
$107K - $146K/yr
As a Product Security Engineer focusing on application security, you'll be a trusted partner ... Expertise in conducting comprehensive threat modeling, risk assessments, and code reviews to ...
Senior Product Security Engineer - Applications
Plano, TX · On-site
$107K - $146K/yr
As a Product Security Engineer focusing on application security, you'll be a trusted partner ... Expertise in conducting comprehensive threat modeling, risk assessments, and code reviews to ...
Senior Product Security Engineer - Applications
$107K - $146K/yr
As a Product Security Engineer focusing on application security, you'll be a trusted partner ... Expertise in conducting comprehensive threat modeling, risk assessments, and code reviews to ...
Senior Product Security Engineer - Applications
$107K - $146K/yr
As a Product Security Engineer focusing on application security, you'll be a trusted partner ... Expertise in conducting comprehensive threat modeling, risk assessments, and code reviews to ...
Senior Product Security Engineer - Applications
Plano, TX · On-site
$110K - $150K/yr
As a Product Security Engineer focusing on application security, you'll be a trusted partner ... Expertise in conducting comprehensive threat modeling, risk assessments, and code reviews to ...
Senior Product Security Engineer - Applications
Plano, TX · On-site
$110K - $150K/yr
As a Product Security Engineer focusing on application security, you'll be a trusted partner ... Expertise in conducting comprehensive threat modeling, risk assessments, and code reviews to ...
Define and promote secure coding standards, security policies, best practices, and secure-by-design ... Review the end-to-end Software Development Life Cycle (SDLC) by Day 60 to identify enhancement ...
Define and promote secure coding standards, security policies, best practices, and secure-by-design ... Review the end-to-end Software Development Life Cycle (SDLC) by Day 60 to identify enhancement ...
Product Review Engineer 4
San Antonio, TX · On-site
Our client is currently seeking a Product Review Engineer 4 Job Code: Product Review Engineer 4 Work Location: San Antonio, TX Shifts: Variable 4x10 (A shift: Sun-Wed, B shift: Wed-Sat), must be ...
Product Review Engineer 4
San Antonio, TX · On-site
Our client is currently seeking a Product Review Engineer 4 Job Code: Product Review Engineer 4 Work Location: San Antonio, TX Shifts: Variable 4x10 (A shift: Sun-Wed, B shift: Wed-Sat), must be ...
Product Review Engineer 4
Red Oak, TX · On-site
$80 - $83/hr
Indotronix is seeking an Product Review Engineer 4, Red Oak, TX Bachelors with 10+ years of ... obtain "Secret" security clearance • MRB Engineering experience is a must Preferred ...
Quick apply
Product Review Engineer 4
Red Oak, TX · On-site
$80 - $83/hr
Indotronix is seeking an Product Review Engineer 4, Red Oak, TX Bachelors with 10+ years of ... obtain "Secret" security clearance • MRB Engineering experience is a must Preferred ...
Product Review Engineer 4
San Antonio, TX · On-site
$87.81/hr
Job #218547 Chipton-Ross is seeking 3 Product Review Engineers (Level 4)/Liaison Engineers for a ... Applicants responding to this position will be subject to a government security investigation and ...
Product Review Engineer 4
San Antonio, TX · On-site
$87.81/hr
Job #218547 Chipton-Ross is seeking 3 Product Review Engineers (Level 4)/Liaison Engineers for a ... Applicants responding to this position will be subject to a government security investigation and ...
Staff Engineer - Product Security
Richardson, TX · On-site
$110K - $230K/yr
Our Product Security tooling team is focused on enabling our engineering teams to build and develop code securely, supporting our code and application scanning tools (vendor & open source). We are ...
Staff Engineer - Product Security
Richardson, TX · On-site
$110K - $230K/yr
Our Product Security tooling team is focused on enabling our engineering teams to build and develop code securely, supporting our code and application scanning tools (vendor & open source). We are ...
As a Product Security Engineer focusing on embedded systems security for video, broadband, and ... Expertise in conducting comprehensive threat modeling, risk assessments, and code reviews to ...
As a Product Security Engineer focusing on embedded systems security for video, broadband, and ... Expertise in conducting comprehensive threat modeling, risk assessments, and code reviews to ...
As a Product Security Engineer focusing on embedded systems security for video, broadband, and ... Expertise in conducting comprehensive threat modeling, risk assessments, and code reviews to ...
As a Product Security Engineer focusing on embedded systems security for video, broadband, and ... Expertise in conducting comprehensive threat modeling, risk assessments, and code reviews to ...
As a Product Security Engineer focusing on embedded systems security for video, broadband, and ... Expertise in conducting comprehensive threat modeling, risk assessments, and code reviews to ...
As a Product Security Engineer focusing on embedded systems security for video, broadband, and ... Expertise in conducting comprehensive threat modeling, risk assessments, and code reviews to ...
Senior Application / Product Security Engineer
Austin, TX · On-site
$190K - $215K/yr
Deep understanding of SDLC security practices - including threat modeling, code review, and CI/CD ... developer productivity. * Experience with modern cloud environments (AWS, GCP) and security ...
Senior Application / Product Security Engineer
Austin, TX · On-site
$190K - $215K/yr
Deep understanding of SDLC security practices - including threat modeling, code review, and CI/CD ... developer productivity. * Experience with modern cloud environments (AWS, GCP) and security ...
Senior Application / Product Security Engineer
Austin, TX · On-site
$190K - $215K/yr
Deep understanding of SDLC security practices - including threat modeling, code review, and CI/CD ... developer productivity. * Experience with modern cloud environments (AWS, GCP) and security ...
Senior Application / Product Security Engineer
Austin, TX · On-site
$190K - $215K/yr
Deep understanding of SDLC security practices - including threat modeling, code review, and CI/CD ... developer productivity. * Experience with modern cloud environments (AWS, GCP) and security ...
Senior Product Security Engineer
Austin, TX · On-site
$113K - $155K/yr
Perform security architecture reviews for complex CI/CD, cloud, and Kubernetes environments ... Experience implementing GitOps workflows and securing infrastructure-as-code (Terraform ...
Senior Product Security Engineer
Austin, TX · On-site
$113K - $155K/yr
Perform security architecture reviews for complex CI/CD, cloud, and Kubernetes environments ... Experience implementing GitOps workflows and securing infrastructure-as-code (Terraform ...
Product Security Code Review Engineer information
What are the key skills and qualifications needed to thrive as a Product Security Code Review Engineer, and why are they important?
What are some typical challenges faced by Product Security Code Review Engineers when coordinating with development teams?
What is the difference between Product Security Code Review Engineer vs Software Security Engineer?
| Aspect | Product Security Code Review Engineer | Software Security Engineer |
|---|---|---|
| Primary Focus | Reviewing and analyzing source code for security vulnerabilities in products | Designing and implementing security measures across software systems |
| Skills & Certifications | Secure coding, code review, security standards (e.g., OWASP), certifications like CSSLP | Security architecture, threat modeling, secure coding, certifications like CISSP |
| Work Environment | Collaborates with development teams during product development | Works on system-wide security strategies and architecture |
| Industry Usage | Common in product-based companies, especially in tech and cybersecurity | Found in organizations focusing on overall security infrastructure |
While both roles focus on security, the Product Security Code Review Engineer primarily reviews source code for vulnerabilities in specific products, whereas the Software Security Engineer develops and implements security strategies across software systems. The roles often overlap but differ in scope and focus.
What is a Product Security Code Review Engineer?
- Trainee Offensive Security Engineer
- Full Time Cloud Security Engineer
- Product Security
- Freelance Product Security Engineer
- Full Time Data Security Engineer
- Trainee Application Security Engineer
- Remote Product Security Engineer
- Remote Database Security Engineer
- Java Security Engineer Trainee
- Remote Product Engineer
Full-time
Medical, Dental, Vision, Life, Retirement, PTO
Posted 9 hours ago
Amazon rating
7.4
Based on 6,968 frontline employees who took The Breakroom Quiz
6th of 39 rated national retailers
Job description
You'll write code, ship custom controls, run security investigations, lead design and code reviews on your team, and mentor junior engineers. You will identify systemic issues, propose pragmatic solutions, and improve the team's mechanisms over time.
Key job responsibilities
- Lead threat modeling, security design reviews, and architecture reviews for customer engagements; identify and mitigate risks across systems and applications.
- Design and implement custom preventive, detective, and proactive controls - Service Control Policies (SCPs), Resource Control Policies (RCPs), policy-as-code (cfn-guard, OPA Rego, Cedar), and automated remediation workflows.
- Build secure-by-design Infrastructure-as-Code controls for Landing Zones, AWS Control Tower customizations, Zero-Trust architectures, and AI/ML workloads.
- Apply AWS security best practices for authentication and authorization, data handling, least privilege, encryption, micro-segmentation, tagging strategy, and API/MCP integration.
- Write and review IaC, scripts, enforcements and detections in Python, Terraform, AWS CDK, CloudFormation, and Rego.
- Build continuous compliance monitoring, automated evidence collection, visualization, reporting, and remediation pipelines that hold up in audit.
- Integrate custom controls with AWS-native and third-party security and compliance tooling.
- Drive emerging-edge ideas into prototyping end-to-end to inform new security and compliance solutions and products.
- Identify risks and edge cases; propose implementation paths and go/no-go gates.
- Apply systematic approaches to risk identification; propose compensating controls when direct remediation isn't possible.
- Help develop technical content
- Identify cross-team patterns, gaps, improvements.
- Travel to customer sites as needed.
About the team
The AWS Security Assurance Services team, within AWS Support, leverages the expertise and ingenuity of our builders to establish scalable security solutions for both internal and external customers that drive business outcomes. Our goal of securing the world's workloads requires reliable delivery of bar-raising security outcomes and investment in security mechanisms and automation on behalf of our customers.
AWS Security Assurance Services LLC, a PCI-QSAC and HITRUST External Assessor Firm, is a team of industry-certified assessors and Compliance Engineers with DevOps and Cloud Infrastructure Architect backgrounds, helping our customers achieve, maintain, and automate compliance in the cloud by tying applicable audit standards to AWS service-specific features and functionality. The SAS team works with our largest enterprise customers to operationalize the shared responsibility model as they migrate to the cloud.
BASIC QUALIFICATIONS
- 3+ years of programming in Python, Ruby, Go, Swift, Java, .Net, C++ or similar object oriented language experience
- 2+ years of scripting, programming, and security code review in a common programming language (non-internship) experience
- 2+ years of troubleshooting systems issues, analyzing logs, or automating basic tasks using command line tools (non-internship) experience
- Bachelor's degree in a STEM field (Science, Technology, Engineering, Mathematics), or experience in IT Security
- Knowledge of networking protocols such as HTTP, DNS and TCP/IP
- Experience (non-internship) in scripting, programming, and security code reviewing in a common programming language
- Experience in troubleshooting systems issues, analyzing logs, or automating basic tasks using command line tools (non-internship experience)
- Experience with threat modeling and penetration testing, or experience that includes strong analytical skills, attention to detail, and effective communication abilities
- Experience conveying complex technical concepts to both technical and business audiences
- • 3+ years of security engineering or related security experience; Demonstrated ability to deliver security solutions independently within a team scope, handling the full development lifecycle: design, implementation, testing, deployment, and maintenance.
- • Demonstrated ability to write and review code, scripts, IaC, and detections in support of security defenses.
- • Demonstrated ability to lead security investigations and resolve root causes of operational and security issues.
- • Demonstrated ability to mentor peers, drive consensus on conflicting design or implementation feedback, and provide meaningful review feedback.
PREFERRED QUALIFICATIONS
- 2+ years of any combination of the following: threat modeling experience, secure coding, identity management and authentication, software development, cryptography, system administration and network security experience
- 2+ years of scripting, programming, or security code review in a common language, such as Python, Java or C++ experience
- Knowledge of command line tools to troubleshoot protocols, analyze log outputs, or automate basic tasks
- Knowledge of networking protocols such as HTTP(S), DNS, and TCP/IP
- Experience performing security activities across one or more phases of the software development lifecycle (SDLC), such as security design review, threat modeling, secure code review, and security testing
- Experience in mentoring, leading, or managing more junior engineers
- • 5+ years as a technical specialist, including 3+ years in secure coding, software development, cloud security engineering, or related work
- • Strong programming and scripting skills in Python, TypeScript, Node.js, Go, Java, or .NET.
- • Hands-on Infrastructure-as-Code skills in Terraform, AWS CDK, or CloudFormation.
- • Hands-on experience with AWS security and governance services: Config, Security Hub, IAM, KMS, VPC, Lambda, CloudTrail, CloudWatch/EventBridge.
- • Experience deploying SCPs and RCPs in multi-account AWS Organizations.
- • Experience writing and deploying policy-as-code (cfn-guard, OPA Rego, Cedar, or equivalent).
- • Experience designing CI/CD pipelines for security or compliance control deployment.
- • Experience with AWS Control Tower customizations, Landing Zones, or Zero-Trust architectures.
- • Working knowledge of at least one compliance framework: SOC2, HIPAA, PCI-DSS, CIS, or NIST.
- • Experience producing audit-ready evidence and working with third-party assessors.
- • Spec-driven development; AI agentic design and Model Context Protocol (MCP) experience.
- • Industry and AWS certifications: AWS Solutions Architect Associate or Professional, AWS Security Specialty, CISSP, or equivalent.
- • Contributions to public technical content: blog posts, workshops, conference talks, or open-source projects.
Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status, disability, or other legally protected status.
Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit https://amazon.jobs/content/en/how-we-hire/accommodations for more information. If the country/region you're applying in isn't listed, please contact your Recruiting Partner.
The base salary range for this position is listed below. Your Amazon package will include sign-on payments and restricted stock units (RSUs). Final compensation will be determined based on factors including experience, qualifications, and location. Amazon also offers comprehensive benefits including health insurance (medical, dental, vision, prescription, Basic Life & AD&D insurance and option for Supplemental life plans, EAP, Mental Health Support, Medical Advice Line, Flexible Spending Accounts, Adoption and Surrogacy Reimbursement coverage), 401(k) matching, paid time off, and parental leave. Learn more about our benefits at https://amazon.jobs/en/benefits.
USA, TN, Nashville - 137,600.00 - 184,000.00 USD annually
USA, TX, Austin - 159,300.00 - 202,400.00 USD annually
USA, TX, Dallas - 159,300.00 - 202,400.00 USD annually
USA, TX, Houston - 159,300.00 - 202,400.00 USD annually
USA, VA, Arlington - 159,300.00 - 202,400.00 USD annually
USA, VA, Herndon - 159,300.00 - 202,400.00 USD annually
USA, WA, Seattle - 159,300.00 - 202,400.00 USD annually
About Amazon
Sourced by ZipRecruiter
Amazon.com, Inc., commonly known as Amazon, is an American multinational technology company. It was founded by Jeff Bezos in 1994 and initially started as an online marketplace for books. Since then, Amazon has expanded its operations and become one of the largest e-commerce companies in the world. Amazon's primary business is its online retail platform, where customers can purchase a vast array of products, including electronics, clothing, books, home goods, and much more. The company offers a convenient and user-friendly shopping experience, with features such as fast shipping, customer reviews, and personalized recommendations. In addition to its e-commerce platform, Amazon has diversified its business into various other areas. One of its notable ventures is Amazon Web Services (AWS), a comprehensive cloud computing platform that provides services such as storage, compute power, and database management to individuals and businesses. AWS has become a leader in the cloud computing industry, powering many websites and applications worldwide. Amazon has also developed its own consumer electronics, including the popular Amazon Kindle e-reader, Fire tablets, Fire TV streaming devices, and the Alexa-powered Echo smart speakers. The Alexa voice assistant, integrated into these devices, allows users to interact with their devices using voice commands, perform tasks, and access information. Furthermore, Amazon has expanded into media and entertainment. It operates Prime Video, a streaming service that offers a wide range of movies, TV shows, and original content. Amazon Music provides a platform for streaming and purchasing digital music, while Audible offers audiobooks and other audio content. The company's commitment to customer satisfaction and convenience is demonstrated by its membership program, Amazon Prime. Prime members receive various benefits, including free two-day shipping, access to streaming services, exclusive deals, and more.
Industry
It services, book publishers, retail, real estate and computer and electronic product manufacturing
Company size
10,000+ Employees
Headquarters location
Seattle, WA, US