Description

AWS Security is on the cutting edge of many security issues for a wide variety of platforms and technologies including cloud services, Internet of things (IoT), identity and access management, mobile devices, virtualization and custom hardware, all operating at massive scale. Similarly, our highly collaborative team is committed to each team member’s growth as our business grows.

As a Security Engineer on AWS Proactive Security Team, you will help ensure our devices, applications, services, and systems are designed and implemented to the highest standards and resilient to the modern threats. If you enjoy building secure solutions (devices and services), analyzing the security of systems that span from hardware to cloud services, discovering and addressing security issues and quickly reacting to new threat scenarios, this position will provide you with a challenging opportunity.

You will own security of unique and innovative products by helping integrate security right from the concept/design phase, through development, security assessments (architecture reviews, threat modeling, code reviews and security testing) and eventually deploying a secure solution for our customers. This position will provide exposure to diverse technology stack, working with highly talented engineers, opportunity to innovate and solve novel challenges while helping build smart and secure products/services for our customers.

You will tackle challenging, novel technical problems every day and you will have the opportunity to work with multiple technical teams at Amazon in different locations. You should be comfortable with a high degree of ambiguity and relish the idea of solving problems that haven't been solved at scale before. Along the way, we guarantee that you will learn a ton, have fun and make a positive impact on millions of people.

Key job responsibilities

• Application security reviews (Security architecture reviews, threat modeling, code reviews (Java, C/C++, Python) & security testing)

• Security reviews for Web applications, Cloud infrastructure reviews & IoT devices

• Working closely with product developers across hardware and software teams to incorporate security right from the design phase - throughout the development and deployment cycle

• Security guidance documentation & workflow automation

• Security metrics and process improvements contributions

• Assistance with recruiting activities

A day in the life

Work with AWS development teams who build products such as Just Walk Out services, Dash Carts, and Amazon One to review the security of the applications, guide the build teams to address the identified security gaps, rollout and maintain secure solutions.

About the team

About Amazon Security

Diverse Experiences

Amazon Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.

Why Amazon Security?

At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon’s products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores

Inclusive Team Culture

In Amazon Security, it’s in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.

Training & Career Growth

We’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.

Work/Life Balance

We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why flexible work hours and arrangements are part of our culture. When we feel supported in the workplace and at home, there’s nothing we can’t achieve.

Basic Qualifications

• Bachelor's degree in computer science or equivalent

• 3+ years of security engineering experience (security architecture reviews, threat modeling, code reviews & secure testing etc.), system and network security, authentication, security protocols, cryptography & application security

• Familiarity with common attack patterns and exploitation techniques for IoT devices, web & mobile applications

• Knowledge of commonly found software security vulnerabilities (like OWASP top 10) and remediation techniques

• Knowledge of basic networking and network security related concepts (TCP/UDP, Firewalls/Switches, Wi-Fi security, TLS, etc.)

Preferred Qualifications

• Experience in IoT/embedded device security (hardware & firmware security). Prior experience of working with software and hardware development engineers to build secure IoT devices at scale is advantageous for this role

• Experience with Security Engineering and Assurance methodologies e.g. fuzzing, static and dynamic code analysis

• Strong understanding of network and web related protocols (such as, TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols)

• Demonstrable teamwork skills and resourcefulness

• Possess self-drive to keep moving things forward even in the face of ambiguity and imperfect knowledge (avoid “analysis paralysis”)

• Ability to drive multiple technically complex security reviews together while remaining effective at providing security guidance to stakeholders

• Strong sense of ownership, urgency, and ability to drive initiatives with autonomy

Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit https://www.amazon.jobs/en/disability/us.

Our compensation reflects the cost of labor across several US geographic markets. The base pay for this position ranges from $136,000/year in our lowest geographic market up to $212,800/year in our highest geographic market. Pay is based on a number of factors including market location and may vary depending on job-related knowledge, skills, and experience. Amazon is a total compensation company. Dependent on the position offered, equity, sign-on payments, and other forms of compensation may be provided as part of a total compensation package, in addition to a full range of medical, financial, and/or other benefits. For more information, please visit https://www.aboutamazon.com/workplace/employee-benefits. This position will remain posted until filled. Applicants should apply via our internal or external career site.