Skip to main content

Software Developer Engineer II, ACTI

Job ID: 2657498 | Amazon Development Center U.S., Inc.


The Amazon Security Threat Intelligence (ACTI) organization is responsible for investigating and understanding threat actors that are targeting Amazon’s businesses. As a Software Engineer you will be a member of the ACTI Engineering Team. Responsibilities will include supporting the operation of our threat intelligence program, through automation and by building modern pipelines for large security data sets.

This role will work to understand how ACTI conducts Threat Intelligence investigations, the underlying Amazon internal and external data sets, and malicious artifact storage and analysis in order to develop and automate more efficient and resilient solutions.

In this role, you will be supporting engineering platforms that include open-source, vendor licensed and native AWS components. These platforms support security missions across Amazon and its customers to better understand threats facing the company. Additionally, working with internal intelligence analysts and external customers to better understand their daily workflows and needs will be required. You’ll be a critical part of an organization focused on building and influencing the security culture within Amazon, with the ultimate goal of ensuring the continued safety and security of our customers.

Key job responsibilities
- Using Python or similar scripting languages to automate tasks and manipulate data
- Using SQL, EMR and data manipulation libraries such as Spark or Pandas
- Understanding concepts related to scaling out processing via the use of instrumentation capabilities such as Step Functions, Airflow or other NAWS services
- Creating data pipelines
- Collaborate on developing, implementing, and maintaining our threat intelligence platform and malware, malware analysis, and malware handling systems
- Collect data from intelligence communities, threat intelligence platforms, open source data repositories, and other sources
- Write automation to aid threat intel platform and data pipelines
- Demonstrate practical knowledge of managing threat data in support of our missions
- Utilize Vertex Synapse and storm query language

A day in the life
Threat Intelligence (TI) protects Amazon and its subsidiaries by proactively analyzing new security threats, identifying malicious actors, and researching the evolving threat landscape. We partner with teams throughout Amazon to facilitate information sharing and increase security resilience through cross-functional collaboration. We share actionable cyber threat information and focus on continually developing collaboration and partnerships with security & intelligence teams throughout Amazon and the security industry. TI drives and enhances our ability to emulate threat actors, respond to security incidents, and to stay one step ahead of our adversaries.

About the team
About AmSec:

Diverse Experiences
Amazon Security values diverse experiences. Even if you do not meet all of the preferred qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.

Why Amazon Security
At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon’s products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.

Work/Life Balance
We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why flexible work hours and arrangements are part of our culture. When we feel supported in the workplace and at home, there’s nothing we can’t achieve.

Inclusive Team Culture
In Amazon Security, it’s in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.

Training and Career growth
We’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.


- 3+ years of non-internship professional software development experience
- 3+ years of non-internship design or architecture (design patterns, reliability and scaling) of new and existing systems experience
- Experience programming with at least one software programming language


- Experience developing web-based applications and/or web services-based applications
- Minimum 5 years of experience using Python, and either TypeScript with AWS CDK, or infrastructure as code tools like Terraform or AWS CloudFormation, to automate tasks and manipulate data.
- Minimum of 1 year experience using Git
- Minimum of 2 year experience developing for Linux OS (or developing on macOS)
- Experience as a mentor, tech lead or leading an engineering team

Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit