Security Architect, AmazonBooks Systems

Full Time
Seattle, WA
Areas of Interest: Systems Security Architecture, Test and Evaluation, Threat Analysis, Vulnerability Assessment and Management
report a problem

If you love to build, to invent, to pioneer on a high performance team that's passionate about operational excellence
—we'd love to hear from you.

The Team: Would you like to join a team that is solving a new business problem through innovative technology? Would you like to be security leader for Amazon's systems for brick and mortar stores?

Amazon Books is a physical retail store that offers a curated selection of books and an array of Amazon devices with brick and mortar stores across North America. It is powered by the technology built by the team which represents industrial scale usage of IoT systems, innovative network topologies, and cloud services. You will be working closely with Amazon's Point-of-Sale (POS) team and focused on providing secure and privacy-protecting experience for Amazon customers while interacting with Amazon Books systems. Amazon has 6 physical bookstore locations launched and 6 more announced for 2017. You can find out more about Amazon Bookstores

The Role: As a Security Architect, you will influence architecture and technical design of our websites, cloud services, client applications, hardware, and network to ensure they are meeting the highest security standards and in compliance with industry requirements such as PCI-DSS. You will engage throughout entire engineering lifecycle. You will be leading threat modeling and architecture analysis, penetration testing, and development of operating procedures to ensure highest standards in security are adopted for the POS and other in-store systems. You will guide the software engineers to design solutions that provide balanced mitigations for identified vulnerabilities and expousures. If you enjoy designing secure systems but also thinking like a hacker, breaking designs discovering security vulnerabilities, moving quickly reacting to new threat scenarios, this position will provide you with a challenging and high visibility opportunity.

The ideal candidate should be comfortable with a degree of ambiguity and able to work independently. You should have a broad view into the industry – both threat landscape and modern countermeasures. You should also be excited by technology, passionate about learning and should view every customer interaction as an opportunity to create an exceptional customer experience. This is an opportunity to work with industrial–scale distributed systems on a massive scale across multiple devices, multiple stores and thousands of customers. Come join a team that will enable builders build software and delight customers! As a security practitioner, you will have a great opportunity to expand your technical horizon, have fun, and make a positive impact on millions of people.


  • Bachelor’s degree in Computer Science or related field.
  • 5+ years of proven Architecture design experience in the Information Security discipline
  • Analytical approach to complex problem solving
  • Ability to lead a small virtual team of highly technical professionals in a complex, large-scale online services environment.
  • Knowledge of threat modeling or other risk identification techniques
  • Knowledge of techniques for authentication, authorization and usage of cryptographic systems such as PKI
  • Knowledge of system security vulnerabilities and remediation techniques such as attack trees
  • Good understanding of C, C++, and Java development on Unix and Windows platforms
  • Scripting skills (e.g., Perl, Python shell scripting)
  • Knowledge of network and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols)
  • Experience working with development team(s) that have delivered commercial software or software-based services in a heterogeneous Microsoft Windows, Linux, and Android environments.
  • Excellent written and verbal communication skills such as Ability to represent complex technical requirements to Amazon product development teams, service providers, and technical solution product vendors.


  • Master’s/PhD in Computer Science or related field.
  • 8+ years of security engineering experience
  • 3+ years of experience in vulnerability testing and auditing
  • Experience with payment card security and industry standards such as PCI-DSS is a plus
  • Experience with cloud platforms (AWS, Azure) solutions security
  • Experience with IoT systems and solution

Share this job:


We pioneer
Amazon strives to be Earth's most customer-centric company where people can find and discover virtually anything they want to buy online. By giving customers more of what they want - low prices, vast selection, and convenience - Amazon continues to grow and evolve as a world-class e-commerce platform.

Founded by Jeff Bezos, the website started in 1995 as a place to buy books because of the unique customer experience the Web could offer book lovers. Bezos believed that only the Internet could offer customers the convenience of browsing a selection of millions of book titles in a single sitting. During the first 30 days of business, Amazon fulfilled orders for customers in 50 states and 45 countries - all shipped from his Seattle-area garage. 

Amazon's evolution from Web site to e-commerce partner to development platform is driven by the spirit of innovation that is part of the company's DNA. The world's brightest technology minds come to to research and develop technology that improves the lives of shoppers and sellers around the world.

e-Commerce, Retail, Operations, Internet
Visit Amazon's Social Media pages:
Company Industry: Internet
Company Type: Public Company
Company Size: 10,001+