Skip to main content
Back to jobs

Sr. Engineer, Red Team, Bots & DDoS Threat Intelligence

External
Full-timeOn-site1mo ago
PythonJavaGoScalaAWS
Cover LetterConnect

Prepare for this interview

Elite

AI-generated questions, company research, and talking points tailored to this role


Requirements

  • 5+ years of work in identifying security issues and risks, and developing mitigation plans experience
  • 4+ years of (non-internship) scripting, programming, and security code review in common programming languages experience
  • Knowledge of at least two of the following programming languages: Scala, Java, Python, C/C++, or Go
  • Experience (non-internship) in industry-based security vulnerabilities identification, attack patterns, and remediation techniques
  • Experience applying threat modeling or other risk identification techniques or equivalent
  • 5+ years of experience in offensive security, red teaming, or penetration testing
  • Deep hands-on expertise in web application security, bot evasion techniques, or DDoS attack methodologies
  • Experience with anti-detect browser frameworks (Nodriver, Puppeteer Stealth, Playwright)
  • Familiarity with LLM-based automation and AI agent architectures
  • Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status, disability, or other legally protected status.
  • Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.

Additional Information

Application deadline: Jun 17, 2026 Amazon Traffic Engineering is looking for a Senior Red Team Security Engineer to join a new offensive security team focused on bot mitigation and DDoS defense. You'll design and execute adversarial simulations against Amazon's internet-facing infrastructure, testing the systems that protect billions of customer requests daily. Traffic Engineering securely connects all customers worldwide to SDO services and Stores marketplaces. We focus on protecting and optimizing internet-facing services, while meeting the evolving standards of the public-facing internet. As GenAI capabilities rapidly advance, with AI agents autonomously browsing the web, agentic browsers executing multi-step tasks, and LLM-powered bots capable of mimicking human behavior at scale, the threat landscape is fundamentally shifting. You will be a technical leader on this team, developing novel attack methodologies to stay ahead of adversaries leveraging autonomous agents for scraping, inventory manipulation, and distributed attacks. Key job responsibilities - Design and execute red team engagements targeting bot detection platforms, WAFs, CDN protections, and DDoS mitigation services - Develop and maintain custom offensive tooling - anti-detect browser automation, TLS fingerprint manipulation (JA3/JA3S), Canvas/WebGL evasion, and behavioral replay systems - Research and simulate emerging AI-driven attack vectors including autonomous browsing agents, LLM-powered bots, and agentic scraping techniques - Mentor junior engineers on tradecraft, engagement methodology, and responsible offensive operations - Collaborate with detection engineering teams to translate findings into measurable defensive improvements; author detailed technical reports with actionable remediation guidance


Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at Amazon.com Services LLC? Share your experience

Interested in this role?

Apply on the company's website.

Cover LetterConnect