G'day! You've found an opportunity that could define your next chapter.
Applicants must be Australian citizens and hold or be eligible to obtain an Australian Government Security Clearance with the ability to successfully complete an Organisational Suitability Assessment. More information regarding security clearances can be found at https://www.agsva.gov.au/.
The Mission - Why This Programme, Why Now?
You're joining at the defining moment of one of the most significant technology programmes Australia has ever undertaken. This programme will build and operate the dedicated cloud giving Australia's national security community and its allies the capability to see more, share more, innovate and act faster than ever before.
The architectural decisions being made now - how we structure networking, implement security controls, and automate at scale - will shape how Australia's national security community operates for the next decade. You won't be inheriting someone else's design choices. You'll be making them.
Your Role — The Security Engineering Lead
Imagine being the person who defines how security is woven into the fabric of an entire portfolio of services — not as an afterthought, but as a foundational principle. As our Senior Security Engineer, you'll be the driving force behind a new era of distributed security ownership, building a model where security isn't siloed but embedded in the DNA of every builder team.
You'll own threat modelling across critical services, lead the resolution of complex security challenges, and architect application security outcomes from secure design through code review. But this role goes beyond technical mastery — you'll be the Developer Advocate for Security, establishing and leading the Security Guardians programme that trains, mentors, and empowers security champions across systems engineering teams.
This is your chance to scale your expertise across an entire organisation. Every security decision you make, every guardian you develop, every runbook you create will ripple outward — accelerating security reviews, reducing resolution timelines, and raising the bar on what secure-by-design truly means at national scale.
You'll influence security strategy across partner organisations, communicate risk to senior leadership, and help builder teams navigate the intersection of speed and security with pragmatic, mission-focused guidance. You'll also be at the forefront of accelerating Generative AI proficiency across engineering teams — shaping how the next generation of builders thinks about security in an AI-augmented world.
Key job responsibilities
You'll be the architect of security outcomes across a portfolio of services that directly underpin Australia's national security capability. Your days will be defined by impact, not bureaucracy.
You'll own threat modelling using structured methodologies like STRIDE and CAPEC, translating complex threat landscapes into pragmatic mitigation strategies that empower teams to build securely and ship confidently. You'll establish and lead the Security Guardians programme — identifying, training, and mentoring security ambassadors embedded within builder teams, creating a multiplier effect that scales security knowledge far beyond what any single engineer could achieve alone.
When complex security challenges arise, you'll be the one teams turn to. You'll drive outcomes end-to-end — from design reviews and security assessments through penetration testing coordination and remediation tracking. You'll review code, scripts, and detection mechanisms, innovating on resolutions that others can learn from and replicate.
You'll construct security and system runbooks for new problem domains, transforming your expertise into repeatable, scalable frameworks. You'll influence security strategy across related teams and partner organisations, ensuring consistency and raising the collective bar. You'll mentor system engineers and builders, growing their ability to deliver security outcomes independently — and you'll guide teams through priority decisions and pragmatic risk management when the pressure is on.
You'll communicate security risk and design decisions with clarity and conviction to senior leadership and customers, and you'll accelerate builder proficiency in Generative AI through targeted education and hands-on guidance.
A day in the life
Your morning begins with a threat model review for a service nearing its next major release. You're mapping attack surfaces using STRIDE, identifying gaps that others missed, and crafting mitigation recommendations that balance security rigour with delivery velocity. The engineering team joins you — not because they have to, but because your guidance makes their architecture stronger.
Mid-morning, you're running a Security Guardians session — coaching a cohort of embedded security champions through a real-world scenario. You watch as they connect the dots, ask sharper questions, and begin to own security outcomes within their own teams. This is the multiplier effect in action.
After lunch, a complex security finding lands on your desk. You dive into code, review detection mechanisms, and collaborate with the service team to design a resolution that's not just a fix but a pattern — something you'll document in a runbook so the next team facing a similar challenge can move faster.
Later, you're in a design review with senior leadership, translating technical risk into business language, helping decision-makers understand trade-offs with clarity. You close the day by pairing with a junior engineer on a secure code review, sharing the "why" behind each recommendation — investing in the next generation of security-minded builders.
Occasionally, you'll participate in on-call rotations, bringing your security expertise to bear on incidents that arise out-of-hours — because protecting this mission doesn't stop at 5pm.
About the team
The AWS Region Services team combines AWS global cloud leadership with Australian security expertise to deliver highly secure, scalable environments for sensitive workloads. We’re creating innovative ways to use cloud computing, artificial intelligence, and machine learning while maintaining the highest standards of security and operational excellence.
The Engineering organisation within Region Services is structured across core capability pillars: Compute & Machine Learning, Security Identity & Compliance, Storage & Databases, and a growing capability domain. Collectively these pillars encompass a team of varying technical skillsets, including Engineers; Technical Program Managers and Subject Matter Experts, organised into focused sub-teams.
This is an opportunity to make a lasting impact on Australia’s digital future. You’ll work with leading AWS services, implement innovative solutions, and help customers succeed in their most important missions. We’re committed to helping our builders grow through continuous learning, mentoring, and collaboration with industry experts. Are you ready to build the future of secure cloud computing in Australia?
Diverse Experiences
Amazon values diverse experiences. Even if you do not meet all of the preferred qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.
Why AWS
Amazon Web Services (AWS) is the world’s most comprehensive and broadly adopted cloud platform. We pioneered cloud computing and never stopped innovating — that’s why customers from the most successful startups to Global 500 companies trust our robust suite of products and services to power their businesses.
Work/Life Balance
We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why we strive for flexibility as part of our working culture. When we feel supported in the workplace and at home, there’s nothing we can’t achieve in the cloud.
Inclusive Team Culture
AWS values curiosity and connection. Our employee-led and company-sponsored affinity groups promote inclusion and empower our people to take pride in what makes us unique. Our inclusion events foster stronger, more collaborative teams. Our continual innovation is fueled by the bold ideas, fresh perspectives, and passionate voices our teams bring to everything we do.
Mentorship and Career Growth
We’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, mentorship and other career-advancing resources here to help you develop into a better-rounded professional.
Benefits
- Learning & development - AWS training and certification support, access to internal learning platforms.
- Health, income protection and life cover - Amazon subsidises private health insurance premiums, and group salary continuance and life insurance are included at no cost to you.
- Military differential pay launching in Australia - Australian employees taking defence reserve leave may receive up to 52 weeks of military differential pay to help cover the difference in pay while serving.
- Employee Assistance Program - Free, confidential support 24 hours a day, 7 days a week for you and your family - mental health, financial coaching, legal questions, and everyday life events.
- Family-building benefit - Access to Maven for fertility treatment, adoption support, surrogacy, and parenting coaching.
- Amazon Extras & employee discount - cashback and discounts across hundreds of retail, fitness, travel, and lifestyle partners.
- Experience leading and applying threat modelling activities using structured methodologies (e.g., STRIDE, CAPEC), translating findings into pragmatic risk mitigation approaches in code that enable service teams to launch securely
- Experience owning security risk identification and mitigation outcomes beyond a single team, influencing security strategy across related teams and partner organisations
- Experience driving application security outcomes end-to-end for service teams — from design reviews and security assessments through to measurable, sustained security risk reduction across a portfolio of services
- Experience facilitating penetration testing engagements across service teams — guiding scoping, coordinating execution, and partnering with teams to interpret findings, prioritise remediation, and deliver security outcomes
- Experience building mechanisms to identify, track, measure, and report on security program effectiveness — creating predictable process paths and reducing reliance on manual overhead
- Experience establishing or leading a Security Guardians (Developer's advocate) program (or equivalent distributed security ownership model) — training security ambassadors within builder teams to scale security reviews, reduce findings, and embed security earlier in the development lifecycle
- 5+ years of coding or scripting experience (e.g., Java, Python, TypeScript, Rust) with the ability to review code for security deficiencies and guide builder teams on remediation
- Experience identifying and resolving systemic security deficiencies that bottleneck innovation, driving security debt reduction across a diverse service portfolio through root cause analysis rather than tactical workarounds
- Experience designing and implementing security automation — building paved paths and reusable mechanisms that deliver security outcomes with minimal builder friction and cost
- Ability to interpret government security frameworks such as the Australian Government Information Security Manual (ISM) or Protective Security Policy Framework (PSPF)
Acknowledgement of country:
In the spirit of reconciliation Amazon acknowledges the Traditional Custodians of country throughout Australia and their connections to land, sea and community. We pay our respect to their elders past and present and extend that respect to all Aboriginal and Torres Strait Islander peoples today.
IDE statement:
Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status, disability, or other legally protected status.
Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit https://amazon.jobs/content/en/how-we-hire/accommodations for more information. If the country/region you’re applying in isn’t listed, please contact your Recruiting Partner.
