1

Product Security Code Review Engineer Jobs in Virginia

... security code reviews. • Other duties as assigned. Qualifications : Required : • Bachelor's in Computer Science, Engineering, or related field. • 3 years of backend development. • ...

Development Security Engineer Location: Arlington, VA Security Clearance:Secret Duties and ... Conducts code review, identifies flaws in the business logic, programmatic vulnerabilities and ...

next page

Showing results 1-20

Product Security Code Review Engineer information

What are the key skills and qualifications needed to thrive as a Product Security Code Review Engineer, and why are they important?

To thrive as a Product Security Code Review Engineer, you need a deep understanding of secure coding practices, software development lifecycles, and vulnerability assessment, typically backed by a degree in computer science or a related field. Familiarity with static and dynamic analysis tools, code review platforms, and certifications like CISSP or OSCP is highly valuable. Strong analytical thinking, attention to detail, and effective communication are crucial soft skills for explaining security findings and collaborating with development teams. These skills and qualities are vital to identify, communicate, and mitigate security risks in code, ensuring the overall resilience of software products.

What are some typical challenges faced by Product Security Code Review Engineers when coordinating with development teams?

Product Security Code Review Engineers often encounter challenges in balancing security priorities with project timelines and developer workflows. Effective communication is essential, as engineers must clearly explain vulnerabilities and remediation steps to developers who may have varying levels of security expertise. Additionally, they need to ensure that security recommendations are practical and align with the product's architecture, all while fostering a collaborative environment rather than creating bottlenecks. Building strong relationships with development teams and understanding their processes helps streamline secure code adoption and continuous improvement.

What is the difference between Product Security Code Review Engineer vs Software Security Engineer?

AspectProduct Security Code Review EngineerSoftware Security Engineer
Primary FocusReviewing and analyzing source code for security vulnerabilities in productsDesigning and implementing security measures across software systems
Skills & CertificationsSecure coding, code review, security standards (e.g., OWASP), certifications like CSSLPSecurity architecture, threat modeling, secure coding, certifications like CISSP
Work EnvironmentCollaborates with development teams during product developmentWorks on system-wide security strategies and architecture
Industry UsageCommon in product-based companies, especially in tech and cybersecurityFound in organizations focusing on overall security infrastructure

While both roles focus on security, the Product Security Code Review Engineer primarily reviews source code for vulnerabilities in specific products, whereas the Software Security Engineer develops and implements security strategies across software systems. The roles often overlap but differ in scope and focus.

What is a Product Security Code Review Engineer?

A Product Security Code Review Engineer is a cybersecurity professional responsible for analyzing and reviewing application source code to identify and mitigate security vulnerabilities. They work closely with development teams to ensure secure coding practices, review code for compliance with security standards, and recommend fixes for potential security issues. Their goal is to prevent security breaches by catching vulnerabilities early in the software development lifecycle.
What are popular job titles related to Product Security Code Review Engineer jobs in Virginia? For Product Security Code Review Engineer jobs in Virginia, the most frequently searched job titles are:
What job categories do people searching Product Security Code Review Engineer jobs in Virginia look for? The top searched job categories for Product Security Code Review Engineer jobs in Virginia are:
What cities in Virginia are hiring for Product Security Code Review Engineer jobs? Cities in Virginia with the most Product Security Code Review Engineer job openings:
Senior Software Development Engineer, Security Automation, Capabilities, Corporate Services Secur...

Senior Software Development Engineer, Security Automation, Capabilities, Corporate Services Secur...

Amazon

Arlington, VA

$131K - $180K/yr

Full-time

Posted 9 days ago


Amazon rating

7.4

Company rating: 7.4 out of 10

Based on 6,974 frontline employees who took The Breakroom Quiz

6th of 39 rated national retailers


Job description

We are building the security automation platform that protects Amazon's most sensitive corporate systems, covering finance, HR, legal, and communications. You will design and own these systems end-to-end, from architecture through production operations, with full autonomy over the technology approach.
The work spans detection pipelines, security alerting platforms, custom rule engines, and developer-facing tooling that catches vulnerabilities at code review time. You will connect disparate security workflows into cohesive systems, operate alerting infrastructure that surfaces threats before they become incidents, and define how security scales across hundreds of applications

This is hands-on engineering with real architectural ownership, not a consulting or advisory role.
You will lead design across multiple concurrent efforts, mentor engineers on the team, and influence the broader security engineering strategy. The business problems are well-defined. The technology solutions are yours to build.
Key job responsibilities
- Design, build, and operate security automation systems on AWS that protect corporate applications processing sensitive financial and employee data


- Own the architecture of detection pipelines, alerting platforms, and custom rule engines. Define the technology approach, not just implement features.
- Build integrations with application security teams to deliver continuous automated scanning that replaces manual security reviews.
- Lead technical design across multiple efforts simultaneously. Review the work of other engineers to ensure architectural coherence and production readiness.
- Write and operationalize detection rules that surface security issues during code review, before code reaches production.
- Mentor engineers, lead design reviews, and communicate technical strategy and trade-offs to leadership in writing.
A day in the life
On any given day you might author a new custom code-review rule and roll it out across a set of development teams, analyze scan results from a continuous security evaluation pilot to measure detection coverage, design the next integration between your platform and a centralized scanning service, or troubleshoot a production pipeline that processes security findings

The problems are real, the data is sensitive, and you own outcomes from design through production.
About the team
The Capabilities team builds and operates the internal tooling that the rest of our security organization depends on. Right now that includes custom code-review rule sets that we author and roll out across development teams, integrations with centralized security scanning platforms, and shared cloud infrastructure that other security teams deploy on top of. We own what we ship, from design through operations

You will work alongside security engineers and partner with application security teams across the company.


What Amazon employees say

Pay

Benefits

Hours and flexibility

Workplace

Get the full story on Breakroom


Amazon logo

About Amazon

Sourced by ZipRecruiter

Amazon.com, Inc., commonly known as Amazon, is an American multinational technology company. It was founded by Jeff Bezos in 1994 and initially started as an online marketplace for books. Since then, Amazon has expanded its operations and become one of the largest e-commerce companies in the world. Amazon's primary business is its online retail platform, where customers can purchase a vast array of products, including electronics, clothing, books, home goods, and much more. The company offers a convenient and user-friendly shopping experience, with features such as fast shipping, customer reviews, and personalized recommendations. In addition to its e-commerce platform, Amazon has diversified its business into various other areas. One of its notable ventures is Amazon Web Services (AWS), a comprehensive cloud computing platform that provides services such as storage, compute power, and database management to individuals and businesses. AWS has become a leader in the cloud computing industry, powering many websites and applications worldwide. Amazon has also developed its own consumer electronics, including the popular Amazon Kindle e-reader, Fire tablets, Fire TV streaming devices, and the Alexa-powered Echo smart speakers. The Alexa voice assistant, integrated into these devices, allows users to interact with their devices using voice commands, perform tasks, and access information. Furthermore, Amazon has expanded into media and entertainment. It operates Prime Video, a streaming service that offers a wide range of movies, TV shows, and original content. Amazon Music provides a platform for streaming and purchasing digital music, while Audible offers audiobooks and other audio content. The company's commitment to customer satisfaction and convenience is demonstrated by its membership program, Amazon Prime. Prime members receive various benefits, including free two-day shipping, access to streaming services, exclusive deals, and more.

Industry

It services, book publishers, retail, real estate and computer and electronic product manufacturing

Company size

10,000+ Employees

Headquarters location

Seattle, WA, US