New AWS tool recommends removal of unused permissions

IAM Access Analyzer feature uses automated reasoning to recommend policies that remove unused accesses, helping customers achieve “least privilege”.

AWS Identity and Access Management (IAM) policies provide customers with fine-grained control over who has access to what resources in the Amazon Web Services (AWS) Cloud. This control helps customers enforce the principle of least privilege by granting only the permissions required to perform particular tasks. In practice, however, writing IAM policies that enforce least privilege requires customers to understand what permissions are necessary for their applications to function, which can become challenging when the scale of the applications grows.

To help customers understand what permissions are not necessary, we launched IAM Access Analyzer unused access findings at the 2023 re:Invent conference. IAM Access Analyzer analyzes your AWS accounts to identify unused access and creates a centralized dashboard to report its findings. The findings highlight unused roles and unused access keys and passwords for IAM users. For active IAM roles and users, the findings provide visibility into unused services and actions.

Related content
New IAM Access Analyzer feature uses automated reasoning to ensure that access policies written in the IAM policy language don’t grant unintended access.

To take this service a step further, in June 2024 we launched recommendations to refine unused permissions in Access Analyzer. This feature recommends a refinement of the customer’s original IAM policies that retains the policy structure while removing the unused permissions. The recommendations not only simplify removal of unused permissions but also help customers enact the principle of least privilege for fine-grained permissions.

In this post, we discuss how Access Analyzer policy recommendations suggest policy refinements based on unused permissions, which completes the circle from monitoring overly permissive policies to refining them.

Policy recommendation in practice

Let's dive into an example to see how policy recommendation works. Suppose you have the following IAM policy attached to an IAM role named MyRole:

{
  "Version": "2012-10-17",
  "Statement": [
   {
      "Effect": "Allow",
      "Action": [
        "lambda:AddPermission",
        "lambda:GetFunctionConfiguration",
        "lambda:UpdateFunctionConfiguration",
        "lambda:UpdateFunctionCode",
        "lambda:CreateFunction",
        "lambda:DeleteFunction",
        "lambda:ListVersionsByFunction",
        "lambda:GetFunction",
        "lambda:Invoke*"
      ],
      "Resource": "arn:aws:lambda:us-east-1:123456789012:function:my-lambda"
   },
  {
    "Effect" : "Allow",
    "Action" : [
      "s3:Get*",
      "s3:List*"
    ],
    "Resource" : "*"
  }
 ]
}

The above policy has two policy statements:

  • The first statement allows actions on a function in AWS Lambda, an AWS offering that provides function execution as a service. The allowed actions are specified by listing individual actions as well as via the wildcard string lambda:Invoke*, which permits all actions starting with Invoke in AWS Lambda, such as lambda:InvokeFunction.
  • The second statement allows actions on any Amazon Simple Storage Service (S3) bucket. Actions are specified by two wildcard strings, which indicate that the statement allows actions starting with Get or List in Amazon S3.

Enabling Access Analyzer for unused finding will provide you with a list of findings, each of which details the action-level unused permissions for specific roles. For example, for the role with the above policy attached, if Access Analyzer finds any AWS Lambda or Amazon S3 actions that are allowed but not used, it will display them as unused permissions.

Related content
Amazon Web Services (AWS) is a cloud computing services provider that has made significant investments in applying formal methods to proving correctness of its internal systems and providing assurance of correctness to their end-users. In this paper, we focus on how we built abstractions and eliminated specifications to scale a verification engine for AWS access policies, Zelkova, to be usable by all AWS

The unused permissions define a list of actions that are allowed by the IAM policy but not used by the role. These actions are specific to a namespace, a set of resources that are clustered together and walled off from other namespaces, to improve security. Here is an example in Json format that shows unused permissions found for MyRole with the policy we attached earlier:

[
 {
    "serviceNamespace": "lambda",
    "actions": [
      "UpdateFunctionCode",
      "GetFunction",
      "ListVersionsByFunction",
      "UpdateFunctionConfiguration",
      "CreateFunction",
      "DeleteFunction",
      "GetFunctionConfiguration",
      "AddPermission"
    ]
  },
  {
    "serviceNamespace": "s3",
    "actions": [
        "GetBucketLocation",
        "GetBucketWebsite",
        "GetBucketPolicyStatus",
        "GetAccelerateConfiguration",
        "GetBucketPolicy",
        "GetBucketRequestPayment",
        "GetReplicationConfiguration",
        "GetBucketLogging",
        "GetBucketObjectLockConfiguration",
        "GetBucketNotification",
        "GetLifecycleConfiguration",
        "GetAnalyticsConfiguration",
        "GetBucketCORS",
        "GetInventoryConfiguration",
        "GetBucketPublicAccessBlock",
        "GetEncryptionConfiguration",
        "GetBucketAcl",
        "GetBucketVersioning",
        "GetBucketOwnershipControls",
        "GetBucketTagging",
        "GetIntelligentTieringConfiguration",
        "GetMetricsConfiguration"
    ]
  }
]

This example shows actions that are not used in AWS Lambda and Amazon S3 but are allowed by the policy we specified earlier.

Related content
Rungta had a promising career with NASA, but decided the stars aligned for her at Amazon.

How could you refine the original policy to remove the unused permissions and achieve least privilege? One option is manual analysis. You might imagine the following process:

  • Find the statements that allow unused permissions;
  • Remove individual actions from those statements by referencing unused permissions.

This process, however, can be error prone when dealing with large policies and long lists of unused permissions. Moreover, when there are wildcard strings in a policy, removing unused permissions from them requires careful investigation of which actions should replace the wildcard strings.

Policy recommendation does this refinement automatically for customers!

The policy below is one that Access Analyzer recommends after removing the unused actions from the policy above (the figure also shows the differences between the original and revised policies):

{
  "Version": "2012-10-17",
  "Statement" : [
   {
      "Effect" : "Allow",
      "Action" : [
-       "lambda:AddPermission",
-       "lambda:GetFunctionConfiguration",
-       "lambda:UpdateFunctionConfiguration",
-       "lambda:UpdateFunctionCode",
-       "lambda:CreateFunction",
-       "lambda:DeleteFunction",
-       "lambda:ListVersionsByFunction",
-       "lambda:GetFunction",
        "lambda:Invoke*"
      ],
      "Resource" : "arn:aws:lambda:us-east-1:123456789012:function:my-lambda"
    },
    {
     "Effect" : "Allow",
     "Action" : [
-      "s3:Get*",
+      "s3:GetAccess*",
+      "s3:GetAccountPublicAccessBlock",
+      "s3:GetDataAccess",
+      "s3:GetJobTagging",
+      "s3:GetMulti*",
+      "s3:GetObject*",
+      "s3:GetStorage*",
       "s3:List*"
     ],
     "Resource" : "*"
   }
  ]
}

Let’s take a look at what’s changed for each policy statement.

For the first statement, policy recommendation removes all individually listed actions (e.g., lambda:AddPermission), since they appear in unused permissions. Because none of the unused permissions starts with lambda:Invoke, the recommendation leaves lambda:Invoke* untouched.

For the second statement, let’s focus on what happens to the wildcard s3:Get*, which appears in the original policy. There are many actions that can start with s3:Get, but only some of them are shown in the unused permissions. Therefore, s3:Get* cannot just be removed from the policy. Instead, the recommended policy replaces s3:Get* with seven actions that can start with s3:Get but are not reported as unused.

Related content
Amazon scientists are on the cutting edge of using math-based logic to provide better network security, access management, and greater reliability.

Some of these actions (e.g., s3:GetJobTagging) are individual ones, whereas others contain wildcards (e.g., s3:GetAccess* and s3:GetObject*). One way to manually replace s3:Get* in the revised policy would be to list all the actions that start with s3:Get except for the unused ones. However, this would result in an unwieldy policy, given that there are more than 50 actions starting with s3:Get.

Instead, policy recommendation identifies ways to use wildcards to collapse multiple actions, outputting actions such as s3:GetAccess* or s3:GetMulti*. Thanks to these wildcards, the recommended policy is succinct but still permits all the actions starting with s3:Get that are not reported as unused.

How do we decide where to place a wildcard in the newly generated wildcard actions? In the next section, we will dive deep on how policy recommendation generalizes actions with wildcards to allow only those actions that do not appear in unused permissions.

A deep dive into how actions are generalized

Policy recommendation is guided by the mathematical principle of “least general generalization” — i.e., finding the least permissive modification of the recommended policy that still allows all the actions allowed by the original policy. This theorem-backed approach guarantees that the modified policy still allows all and only the permissions granted by the original policy that are not reported as unused.

To implement the least-general generalization for unused permissions, we construct a data structure known as a trie, which is a tree each of whose nodes extends a sequence of tokens corresponding to a path through the tree. In our case, the nodes represent prefixes shared among actions, with a special marker for actions reported in unused permissions. By traversing the trie, we find the shortest string of prefixes that does not contain unused actions.

The diagram below shows a simplified trie delineating actions that replace the S3 Get* wildcard from the original policy (we have omitted some actions for clarity):

Access Analyzer trie.png
A trie delineating actions that can replace the Get* wildcard in an IAM policy. Nodes containing unused actions are depicted in orange; the remaining nodes are in green.

At a high level, the trie represents prefixes that are shared by some of the possible actions starting with s3:Get. Its root node represents the prefix Get; child nodes of the root append their prefixes to Get. For example, the node named Multi represents all actions that start with GetMulti.

Related content
Automated reasoning and optimizations specific to CPU microarchitectures improve both performance and assurance of correct implementation.

We say that a node is safe (denoted in green in the diagram) if none of the unused actions start with the prefix corresponding to that node; otherwise, it is unsafe (denoted in orange). For example, the node s3:GetBucket is unsafe because the action s3:GetBucketPolicy is unused. Similarly, the node ss is safe since there are no unused permissions that start with GetAccess.

We want our final policies to contain wildcard actions that correspond only to safe nodes, and we want to include enough safe nodes to permit all used actions. We achieve this by selecting the nodes that correspond to the shortest safe prefixes—i.e., nodes that are themselves safe but whose parents are not. As a result, the recommended policy replaces s3:Get* with the shortest prefixes that do not contain unused permissions, such as s3:GetAccess*, s3:GetMulti* and s3:GetJobTagging.

Together, the shortest safe prefixes form a new policy that, while syntactically similar to the original policy, is the least-general generalization to result from removing the unused actions. In other words, we have not removed more actions than necessary.

You can find how to start using policy recommendation with unused access in Access Analyzer. To learn more about the theoretical foundations powering policy recommendation, be sure to check out our science paper.

Related content

GB, London
Have you ever ordered a product on Amazon and when that box with the smile arrived you wondered how it got to you so fast? Have you wondered where it came from and how much it cost Amazon to deliver it to you? We are looking for a Data Scientist who will be responsible to develop scientific solutions to optimize our fulfillment strategy across multiple regions of the world (EU, JP, IN and more), to maximize our Customer Experience and minimize our cost and carbon footprint. You will partner with the worldwide scientific community to help design the optimal fulfillment strategy for Amazon. You will also collaborate with technical teams to develop optimization tools for network flow planning and execution systems. Finally, you will also work with business and operational stakeholders to influence their strategy and gather inputs to solve problems. To be successful in the role, you will need deep analytical skills and a strong scientific background. The role also requires excellent communication skills, and an ability to influence across business functions at different levels. You will work in a fast-paced environment that requires you to be detail-oriented and comfortable in working with technical, business and technical teams. Key job responsibilities - Design and develop mathematical models to optimize inventory placement and product flows. - Design and develop statistical and optimization models for planning Supply Chain under uncertainty. - Manage several, high impact projects simultaneously. - Consult and collaborate with business and technical stakeholders across multiple teams to define new opportunities to optimize our Supply Chain. - Communicate data-driven insights and recommendations to diverse senior stakeholders through technical and/or business papers. - Leverage LLMs to improve explainability of our optimization solutions and drive engagement from supply chain planners across the world.
ES, M, Madrid
Are you interested in changing how Amazon does marketing — moving beyond platform-optimized broad reach to campaigns that find the right customer, at the right moment, using Amazon's unmatched 1P data? We are seeking an Applied Scientist to join PRIMAS (Prime & Marketing Analytics and Science). In this role, you will design and run the experiments that answer the foundational question for EU marketing: does adding 1P audience signal on top of Value-Based Optimization (VBO) improve marketing efficiency — and if so, for which customer cohorts, on which surfaces, and at what scale? Amazon's current marketing model is largely platform-led: we set objectives and let platforms optimize toward conversion. This approach works well for broad acquisition but systematically underserves lifecycle goals — it cannot distinguish between a Bargain Hunter who will never pay full price and a high-potential customer one nudge away from becoming a Prime member. This role sits at the center of changing that. You will build the 1P audiences, design the experiments that test them, and generate the evidence that guides how Amazon allocates hundreds of millions in marketing spend. Year 1 is an experimentation year. You will deploy 1P audiences across multiple surfaces and channels — Meta, Google, Amazon Display Ads — and measure incrementally against VBO baselines. The goal is not to replace platform optimization but to understand when and where the combination of 1P signal + VBO outperforms VBO alone, and to build the experimental infrastructure that makes this learning scalable. Key job responsibilities 1P Audience Development & Experimentation: - Build and validate 1P audience segments from Amazon behavioral, transactional, and lifecycle data - Design experiments that isolate the incremental effect of 1P audience signal over platform VBO baselines - Deploy audiences across activation surfaces and establish measurement standards that make cross-surface comparison valid Causal Measurement & Incrementality: - Apply causal inference methods to measure the true incremental lift of audience-based targeting vs. VBO - Develop power analysis frameworks and guardrails that enable rapid experimentation without underpowered or conflated tests - Deliver optimization recommendations grounded in experimental evidence: which cohorts respond, which surfaces deliver, which creative strategies drive behavior change Scaling the Learning: - Build reusable audience and measurement frameworks that can be deployed across campaigns and channels — year 1 experiments should produce infrastructure, not one-off analyses - Document experimental learnings in a way that informs both the 2026 roadmap and the business case for investing further in 1P audience capabilities in 2027+ - Partner with engineering and PMT to translate validated audience prototypes into production-ready solutions that scale beyond the experimentation phase About the team The PRIMAS team, is part of a larger tech tech team of 100+ people called WIMSI (WW Integrated Marketing Systems and Intelligence). WIMSI core mission is to accelerate marketing technology capabilities that enable de-averaged customer experiences across the marketing funnel: awareness, consideration, and conversion.
IN, KA, Bengaluru
We are seeking a stellar Machine Learning scientist who has experience developing and shipping large scale ML products with visible customer impact. We would prefer if your previous work has been in developing scalable Agentic, RL or forecasting systems. Strong academic background in Statistics, Machine Learning & Deep Learning is required with Tier -1 publications being a plus. • Master’s degree in CS or ML related fields • Scientist/Tech Lead creating and shipping impactful ML products. • Ability to write clear, structured and modularized code in Python. • Expertise in Deep Learning frameworks such as Tensorflow, Keras and Pytorch & Agentic frameworks such as LangChain, Crew AI etc. • Industry experience designing complex scalable AI systems. • Experience and technical expertise across various science domains. Crucial ones being statistics, deep & machine learning. • Experience creating data pipelines & proficient in querying data from Spark/HIVE/Redshift/other large scale data warehousing platforms. • Expert in distilling informal customer requirements into problem definitions, dealing with ambiguity and formulating ML products to solve these problems. Key job responsibilities In this position, you will be a key contributor (with direct leadership visibility) building, productionizing (real & batch) and measuring impact of state of the art personalized Gen AI systems for Amazon global selling partners and contribute to Amazon wide research in this area in the form of publications and white papers. You will work with global leaders and teams across time zones on a regular basis. About the team Millions of Sellers list their products for sale on the Amazon Marketplace. Sellers are a critical part of Amazon’s ecosystem to deliver on our vision of offering the Earth’s largest selection and lowest prices. In this ecosystem our team plays a critical role in enabling Sellers across EU5, China, Japan, Australia, Brazil and Turkey to make their Selection available to customers globally and deliver the experience they have come to expect from Amazon. We help independent sellers compete against our first-party business by investing in and offering them the very best selling tools we could imagine and build. We are pushing the boundaries of these machine learning tools in areas of Agentic, recommendation and forecasting systems to help our sellers sell more and across borders.
IN, KA, Bengaluru
We are seeking a stellar Machine Learning scientist who has experience developing and shipping large scale ML products with visible customer impact. We would prefer if your previous work has been in developing scalable Agentic, RL or forecasting systems. Strong academic background in Statistics, Machine Learning & Deep Learning is required with Tier -1 publications being a plus. • Master’s degree in CS or ML related fields • Scientist/Tech Lead creating and shipping impactful ML products. • Ability to write clear, structured and modularized code in Python. • Expertise in Deep Learning frameworks such as Tensorflow, Keras and Pytorch & Agentic frameworks such as LangChain, Crew AI etc. • Industry experience designing complex scalable AI systems. • Experience and technical expertise across various science domains. Crucial ones being statistics, deep & machine learning. • Experience creating data pipelines & proficient in querying data from Spark/HIVE/Redshift/other large scale data warehousing platforms. • Expert in distilling informal customer requirements into problem definitions, dealing with ambiguity and formulating ML products to solve these problems. Key job responsibilities In this position, you will be a key contributor (with direct leadership visibility) building, productionizing (real & batch) and measuring impact of state of the art personalized Gen AI systems for Amazon global selling partners and contribute to Amazon wide research in this area in the form of publications and white papers. You will work with global leaders and teams across time zones on a regular basis. About the team Millions of Sellers list their products for sale on the Amazon Marketplace. Sellers are a critical part of Amazon’s ecosystem to deliver on our vision of offering the Earth’s largest selection and lowest prices. In this ecosystem our team plays a critical role in enabling Sellers across EU5, China, Japan, Australia, Brazil and Turkey to make their Selection available to customers globally and deliver the experience they have come to expect from Amazon. We help independent sellers compete against our first-party business by investing in and offering them the very best selling tools we could imagine and build. We are pushing the boundaries of these machine learning tools in areas of Agentic, recommendation and forecasting systems to help our sellers sell more and across borders.
US, CA, San Francisco
The Models, Quantum, and Silicon (MQS) Center for Quantum Computing (CQC) is a multi-disciplinary team of scientists, engineers, and technicians, on a mission to develop a fault-tolerant quantum computer. We are looking to hire a Research Software Engineer to join our growing Software team. You will work closely with our experimental physics teams to enable their work characterizing, calibrating, and operating novel quantum devices. The ideal candidate should be able to translate high-level science requirements into software implementations (e.g. Python APIs/frameworks, data analysis pipelines, calibration nodes) that are performant, scalable, and intuitive. This requires someone who (1) has a strong desire to work within a team of scientists and engineers, and (2) demonstrates ownership in initiating and driving projects to completion. This role has a particular emphasis on working directly with experimental physicists to develop scientific software workflows that enable scaling to larger quantum devices. Inclusive Team Culture Here at Amazon, it’s in our nature to learn and be curious. Our employee-led affinity groups foster a culture of inclusion that empower us to be proud of our differences. Ongoing events and learning experiences, including our Conversations on Race and Ethnicity (CORE) and AmazeCon conferences, inspire us to never stop embracing our uniqueness. Diverse Experiences Amazon values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying. Mentorship & Career Growth We’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, mentorship and other career-advancing resources here to help you develop into a better-rounded professional. Work/Life Balance We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why we strive for flexibility as part of our working culture. When we feel supported in the workplace and at home, there’s nothing we can’t achieve in the cloud. Export Control Requirement Due to applicable export control laws and regulations, candidates must be either a U.S. citizen or national, U.S. permanent resident (i.e., current Green Card holder), or lawfully admitted into the U.S. as a refugee or granted asylum, or be able to obtain a US export license. If you are unsure if you meet these requirements, please apply and Amazon will review your application for eligibility. Key job responsibilities - Architect extensible & intuitive frameworks for running quantum computing experiments and analyzing data. - Leverage the latest techniques in quantum calibration to enable scaling to larger devices. - Optimize the performance of experiment & analysis tools to enable faster experiment throughput. - Develop dashboards that allow experimentalists to inspect and control the state of quantum device calibration. - Deploy and maintain cloud infrastructure that supports increasingly-complex science workflows. - Empower scientists to actively contribute to the codebase through mentorship and documentation. We are looking for candidates with strong engineering principles, a bias for action, superior problem-solving, and excellent communication skills. Working effectively within a team environment is essential. As a Research Software Engineer embedded in a broader research science organization, you will have the opportunity to work on new ideas and stay abreast of the field of experimental quantum computation. A day in the life The majority of your time will be spent on projects that extend the functional capabilities or performance of our internal research software stack. This requires working backwards from the needs of our science staff in the context of our larger experimental roadmap. You will translate science and software requirements into design proposals balancing implementation complexity against time-to-delivery. Once a design proposal has been reviewed and accepted, you’ll drive implementation and coordinate with internal stakeholders to ensure a smooth roll out. Because many high-level experimental goals have cross-cutting requirements, you’ll often work closely with other engineers or scientists or on the team. About the team You will be joining the Software group within the MQS Center of Quantum Computing. Our team is comprised of scientists and software engineers who are building scalable software that enables quantum computing technologies.
US, WA, Bellevue
What does it take to build a foundation model that can forecast demand for hundreds of millions of products — including ones that have never been sold before? At Amazon, our Demand Forecasting team is tackling one of the most ambitious challenges in applied time series research: building large-scale foundation models that generalize across an enormous and diverse catalog of products, geographies, and business contexts. This is not incremental modeling work. We are redefining what's possible in demand forecasting. Our team operates at a scale that is unmatched in industry. We run experiments across millions of products simultaneously, pushing the boundaries of what foundation models can learn from vast, heterogeneous time series data. We are also exploring novel data generation techniques that augment our already unprecedented dataset — opening new frontiers in model generalization and forecasting for products with limited or no sales history. The models you build here will ship to production and directly influence hundreds of millions of dollars in automated inventory decisions every week, labor plans for tens of thousands of employees, and Amazon's financial outlook. Beyond operational impact, this team contributes to the broader scientific community and advances the state of the art in time series foundation models. If you are a scientist who wants to work at the frontier of time series research, at a scale no academic lab or startup can match, and see your work deployed to real-world impact — this is the team for you. Key job responsibilities - Design and run rigorous experiments at scale to evaluate and improve foundation model performance across hundreds of millions of products, geographies, and business verticals - Lead the end-to-end lifecycle of forecasting models — from research and experimentation through production launch — including defining success metrics, obtaining stakeholder sign-off, and managing rollout - Conduct online and offline labs to measure the real-world impact of forecast improvements beyond accuracy, including downstream supply chain, inventory, and financial outcomes - Develop and deploy production-grade deep learning and statistical models using Python, Scala, SQL, and related tools - Perform large-scale exploratory data analysis to uncover patterns, identify opportunities, and inform model development - Translate complex research findings into clear insights and recommendations for technical and non-technical stakeholders at all levels - Contribute to Amazon's scientific community and the broader research field through collaboration and publication in top-tier venues A day in the life No two days look the same, but most will involve some combination of deep technical work, cross-functional collaboration, and scientific thinking at a scale you won't find anywhere else. You might start the morning reviewing the results of an experiment running across hundreds of millions of products — analyzing whether a new foundation model variant is improving generalization on cold-start items, or whether a novel data generation approach is meaningfully shifting forecast quality. You'll dig into the numbers, form a hypothesis, and design the next iteration. Later in the day, you could be in a stakeholder review, walking business and engineering partners through a set of launch metrics — explaining not just forecast accuracy, but the downstream supply chain and financial impact your model is driving. Getting a model to production at Amazon requires rigor: you'll define success criteria, run online and offline labs to validate real-world impact, and build the case for sign-off across technical and business stakeholders. You'll write code — Python, Scala, SQL — to process and analyze data at a scale most scientists never encounter. You'll collaborate closely with scientists, engineers, and business teams, and contribute to research that has a real chance of being published and advancing the field. The work is hard, the problems are unsolved, and the impact is immediate. If you want to do research that ships — this is where you do it. About the team The Demand Forecasting team sits at the heart of Amazon's supply chain, building the science that determines what products are available, when, and at what cost — for hundreds of millions of customers around the world. Our mission is to push the frontier of what's possible in large-scale time series forecasting, and to deploy that science where it creates real, measurable impact. We are a team of scientists who care deeply about both research rigor and real-world outcomes. We don't just publish — we ship. And we don't just ship — we measure, iterate, and raise the bar. Our work spans the full lifecycle: from foundational research and large-scale experimentation to production deployment and downstream impact measurement across supply chain, inventory, and financial planning.
US, WA, Seattle
Amazon Advertising is one of Amazon's fastest growing and most profitable businesses. As a core product offering within our advertising portfolio, Sponsored Products (SP) helps merchants, retail vendors, and brand owners succeed via native advertising, which grows incremental sales of their products sold through Amazon. The SP team's primary goals are to help shoppers discover new products they love, be the most efficient way for advertisers to meet their business objectives, and build a sustainable business that continuously innovates on behalf of customers. Our products and solutions are strategically important to enable our Retail and Marketplace businesses to drive long-term growth. We deliver billions of ad impressions and millions of clicks and break fresh ground in product and technical innovations every day! Within Sponsored Products, the Bidding team is responsible for defining and delivering a collection of advertising products around bid controls (dynamic bidding, bid recommendations, etc.) that drive discovery and sales. Our solutions generate billions in revenue and drive long-term growth for Amazon’s Retail and Marketplace businesses. We deliver billions of ad impressions, millions of clicks daily, and break fresh ground to create world-class products. We are highly motivated, collaborative, and fun-loving team with an entrepreneurial spirit - with a broad mandate to experiment and innovate. You will invent new experiences and influence customer-facing shopping experiences to help suppliers grow their retail business and the auction dynamics that leverage native advertising; this is your opportunity to work within the fastest-growing businesses across all of Amazon! Define a long-term science vision for our advertising business, driven fundamentally from our customers' needs, translating that direction into specific plans for research and applied scientists, as well as engineering and product teams. This role combines science leadership, organizational ability, technical strength, product focus, and business understanding. Key job responsibilities As a Senior Applied Scientist on this team, you will: • Lead a new initiative across Sponsored Products Bidding focused on AI/ML based features. • Be the technical leader in AI, Machine Learning; lead efforts within this team and across other teams. • Perform hands-on analysis and modeling of enormous data sets to develop insights that increase traffic monetization and merchandise sales, without compromising the shopper experience. • Drive end-to-end AI/Machine Learning projects that have a high degree of ambiguity, scale, complexity. • Build models, perform proof-of-concept, experiment, optimize, and deploy your models into production; work closely with software engineers to assist in productionizing your AI/ML models. • Run A/B experiments, gather data, and perform statistical analysis. • Establish scalable, efficient, automated processes for large-scale data analysis, machine-learning model development, model validation and serving. • Research new and innovative AI/ machine learning approaches. • Recruit Applied Scientists to the team and provide mentorship. A day in the life Why you will love this opportunity: Amazon is investing heavily in building a world-class advertising business. This team defines and delivers a collection of advertising products that drive discovery and sales. Our solutions generate billions in revenue and drive long-term growth for Amazon's Retail and Marketplace businesses. We deliver billions of ad impressions, millions of clicks daily, and break fresh ground to create world-class products. We are a highly motivated, collaborative, and fun-loving team with an entrepreneurial spirit - with a broad mandate to experiment and innovate. Impact and Career Growth: You will invent new experiences and influence customer-facing shopping experiences to help suppliers grow their retail business and the auction dynamics that leverage native advertising; this is your opportunity to work within the fastest-growing businesses across all of Amazon! Define a long-term science vision for our advertising business, driven from our customers' needs, translating that direction into specific plans for research and applied scientists, as well as engineering and product teams. This role combines science leadership, organizational ability, technical strength, product focus, and business understanding. About the team The Sponsored Products and Brands team at Amazon Ads is re-imagining the advertising landscape through the latest generative AI technologies, revolutionizing how millions of customers discover products and engage with brands across Amazon.com and beyond. We are at the forefront of re-inventing advertising experiences, bridging human creativity with artificial intelligence to transform every aspect of the advertising lifecycle from ad creation and optimization to performance analysis and customer insights. We are a passionate group of innovators dedicated to developing responsible and intelligent AI technologies that balance the needs of advertisers, enhance the shopping experience, and strengthen the marketplace. If you're energized by solving complex challenges and pushing the boundaries of what's possible with AI, join us in shaping the future of advertising. The SPB Bidding team within Sponsored Products and Brands is focused on guiding and supporting Millions of advertisers to meet their advertising needs of creating and managing ad campaigns. At this scale, the complexity of diverse advertiser goals, campaign types, and market dynamics creates both a massive technical challenge and a transformative opportunity: even small improvements in bidding systems can have outsized impact on advertiser success and Amazon’s retail ecosystem. Our vision is to build a highly personalized, context-aware bidding system that leverages auction simulations, ML models, and optimization algorithms. This framework, will operate across SPB bidding system and proactively delivering value based on deep understanding of the advertiser. To execute this vision, we collaborate closely with stakeholders across Ad Console, Sales, and Marketing to identify opportunities—from high-level product guidance down to granular recommendations—and deliver them through a tailored, personalized experience. Our work is grounded in state-of-the-art bidding agent architectures, tool integration, reasoning frameworks, and model customization approaches (including tuning and preference optimization), ensuring our systems are both scalable and adaptive.
US, VA, Arlington
Amazon Web Services (AWS) is the world leader in providing a highly reliable, scalable, low-cost infrastructure platform in the cloud that powers hundreds of thousands of businesses in 190 countries around the world! Passionate about building, owning and operating massively scalable systems? Want to make a billion-dollar impact? If so, we have an exciting opportunity for you. The AWS Managed Operations (MO) organization was founded in April 2023, with the objective to reduce operational load and toil through long-term engineering projects. MO is building the best-in-class engineering and operations team that will own the day-to-day operations for AWS Regions; improving the availability, reliability, latency, performance and efficiency to operate AWS regions. The AWS Managed Operations Intelligence (MOI) Team is looking for a Data Scientist to lead the research and thought leadership to drive our data and insight strategy for AWS. You will be expected to serve as a Full Stack Data Scientist. You will be responsible for driving data-driven transformation across the organization. In this role, you will be responsible for the end-to-end data science lifecycle, from data exploration, ETL, model development and data visualization. You will leverage a diverse set of tools and technologies, including general analytical frameworks (Spark, Airflow, etc.), AI frameworks (Hugging Face, etc.) and various machine learning frameworks, to tackle complex business problems. Your analytics research will provide direction on the technology strategy of the Managed Operations organization. Your Decision Science artifacts will provide insights that inform AWS' Operations and Site Reliability Engineering teams. You will work on ambiguous and complex business and research science problems at scale. You are and comfortable working with cross-functional teams and systems. This role will sit in our new headquarters in Northern Virginia, where Amazon will invest $2.5 billion dollars, occupy 4 million square feet of energy efficient office space, and create at least 25,000 new full-time jobs. Our employees and the neighboring community will also benefit from the associated investments from the Commonwealth including infrastructure updates, public transportation improvements, and new access to Reagan National Airport. By working together on behalf of our customers, we are building the future one innovative product, service, and idea at a time. Are you ready to embrace the challenge? Come build the future with us. This position requires that the candidate selected be a U.S. citizen. 10012 Key job responsibilities - Work with large and complex data sets to solve a wide array of challenging problems using different analytical approaches - Develop ML/AI models. Partner with software teams to productionalize these models. - Data Pipeline and Infrastructure: design and implementation of data pipelines - Metric Development and Monitoring: Define and develop advanced, customized metrics and key performance indicators (KPIs) that capture the nuances of the organization's strategic objectives and operational complexities. Continuously monitor and evaluate the performance of metrics A day in the life Why AWS? Our team is dedicated to supporting new members. We have a broad mix of experience levels and tenures, and we’re building an environment that celebrates knowledge-sharing and mentorship. Our senior members enjoy one-on-one mentoring and thorough, but kind, code reviews. We care about your career growth and strive to assign projects that help our team members develop your engineering expertise so you feel empowered to take on more complex tasks in the future. Diverse Experiences AWS values diverse experiences. Even if you do not meet all of the preferred qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying. About AWS Amazon Web Services (AWS) is the world’s most comprehensive and broadly adopted cloud platform. We pioneered cloud computing and never stopped innovating — that’s why customers from the most successful startups to Global 500 companies trust our robust suite of products and services to power their businesses. AWS Infrastructure Services (AIS) AWS Infrastructure Services owns the design, planning, delivery, and operation of all AWS global infrastructure. In other words, we’re the people who keep the cloud running. We support all AWS data centers and all of the servers, storage, networking, power, and cooling equipment that ensure our customers have continual access to the innovation they rely on. We work on the most challenging problems, with thousands of variables impacting the supply chain — and we’re looking for talented people who want to help. Inclusive Team Culture AWS values curiosity and connection. Our employee-led and company-sponsored affinity groups promote inclusion and empower our people to take pride in what makes us unique. Our inclusion events foster stronger, more collaborative teams. Our continual innovation is fueled by the bold ideas, fresh perspectives, and passionate voices our teams bring to everything we do. Mentorship & Career Growth We’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, mentorship and other career-advancing resources here to help you develop into a better-rounded professional. Work/Life Balance We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why we strive for flexibility as part of our working culture. When we feel supported in the workplace and at home, there’s nothing we can’t achieve in the cloud. About the team The Managed Operations Intelligence (MOI) Team helps AWS operate its services across the world. We help monitor AWS operations by providing insights and recommendations on AWS operations. This position requires that the candidate selected be a U.S. citizen.
GB, London
Amazon Strategic Account Services (SAS) Tech Organization is looking for an Applied Scientist Applied Scientist who can autonomously drive scientific innovations from research to production, developing sophisticated AI solutions that serve both Amazon's global seller base and internal Marketplace Consultants. Working in a highly collaborative environment, you'll leverage expertise in machine learning, operations research, and statistics to translate theoretical advances in LLMs, probabilistic modeling, and optimization into practical applications. The role demands strong capabilities in prototyping and iterative improvement, bridging cutting models with real-world applications while maintaining scientific rigor and measurable business impact. Key job responsibilities - Lead the development of sophisticated AI solutions leveraging deep learning, LLMs, and advanced machine learning techniques to transform both seller operations and internal consultancy capabilities at scale - Define and drive long-term scientific vision for the organization, translating complex business challenges into innovative technical solutions that advance the state-of-the-art in applied machine learning - Design and implement advanced ML architectures combining multiple learning paradigms - from reinforcement learning and causal inference to predictive modeling - to tackle critical marketplace challenges - Architect next-generation recommendation and optimization systems that handle complex multi-dimensional constraints while maintaining robustness and interpretability at scale - Drive end-to-end development of AI applications from research through production, collaborating with engineering teams to ensure successful deployment and conducting rigorous A/B experiments to validate impact - Pioneer novel applications of foundation models and generative AI, developing sophisticated evaluation frameworks while maintaining Amazon's high standards for accuracy and reliability - Lead technical discussions across organizational boundaries, effectively communicating complex scientific concepts to diverse stakeholders while staying at the forefront of ML/AI research advancements About the team What is Amazon Strategic Account Services (SAS)? The SAS team aims to accelerate the full potential of our Sellers, helping them to navigate the increasing complexity of the e-commerce space. Our team provides in-depth strategic consultancy using a data-driven, collaborative, and a Customer-focused approach to achieve commercial goals of Amazon Sellers.
US, TX, Austin
Amazon Leo is an initiative to launch a constellation of Low Earth Orbit satellites that will provide low-latency, high-speed broadband connectivity to unserved and underserved communities around the world. As a Systems Engineer, this role is primarily responsible for the design, development and integration of communication payload and customer terminal systems. The Role: Be part of the team defining the overall communication system and architecture of Amazon Leo’s broadband wireless network. This is a unique opportunity to innovate and define groundbreaking wireless technology at global scale. The team develops and designs the communication system for Leo and analyzes its overall system level performance such as for overall throughput, latency, system availability, packet loss etc. This role in particular will be responsible for leading the effort in designing and developing advanced technology and solutions for communication system. This role will also be responsible developing advanced physical layer + protocol stacks systems as proof of concept and reference implementation to improve the performance and reliability of the LEO network. In particular this role will be responsible for using concepts from digital signal processing, information theory, wireless communications to develop novel solutions for achieving ultra-high performance LEO network. This role will also be part of a team and develop simulation tools with particular emphasis on modeling the physical layer aspects such as advanced receiver modeling and abstraction, interference cancellation techniques, FEC abstraction models etc. This role will also play a critical role in the integration and verification of various HW and SW sub-systems as a part of system integration and link bring-up and verification. Export Control Requirement: Due to applicable export control laws and regulations, candidates must be a U.S. citizen or national, U.S. permanent resident (i.e., current Green Card holder), or lawfully admitted into the U.S. as a refugee or granted asylum.