Amazon.com is looking for expert Security Engineers to defend critical Amazon applications. Join a team of elite Security Engineers who work tirelessly to secure the applications used by hundreds of millions of customers every day. Does this sound like you?
* You enjoy solving challenging technical problems.
* You have experience that shows breadth and depth of security knowledge. You are strong in multiple domains of software security.
* You know how to work as a partner with product teams and give them the advantage of your security experience.
* You recognize, adopt, use, and recommend best practices in security engineering.
* You work ceaselessly to improve your knowledge of the security threat landscape and of technologies that enable new forms of attack and defense.
* You are an effective communicator who engages well with technical and non-technical audiences alike.
Some more characteristics we're looking for:
* Great logic and problem-solving skills and good security instincts.
* The desire to solve security challenges at scale, and work on securing the next generation of applications powering the most sophisticated e-commerce platform ever built.
* Knowledge of threat modeling and other security risk identification methods.
* Knowledge of system security vulnerabilities and remediation techniques.
* Understanding of network protocols from data link through application layer.
* Excellent written and oral communication skills.
* Development experience in Java and C/C++.
* Working knowledge of Python, Perl, or Ruby.
* Exposure to multiple security engineering disciplines including application security, secure software development, cryptography, network security, system security, and security policy.
* Strong technical capabilities with demonstrated focus in at least one of the above disciplines.
* Ability to handle interruptions and work well under frequent context switches.
* Continual drive to increase your knowledge and enhance your skills.
* Proven ability to work effectively in a technology team.
* High energy, focus on delivering results, and ability to self-manage.
* Experience in providing practical solutions that enable product teams to meet business goals while controlling security risk.
* Ability to solve problems at their root and step back to understand the broader context.
* Understanding of relevant threat environments and how they affect products.
* Deep understanding of the interplay between attack and defense. Familiarity with current network security and application security tools and how to apply them.
* Ability to promote secure design principles and a security-focused outlook across a large organization.
As a Security Engineer, you will:
* Perform end-to-end application security reviews to ensure critical information is appropriately protected.
* Identify security vulnerabilities and risks, and develop mitigation plans.
* Provide security architecture and design consultations to product teams, to help them build applications that are secure from the start.
* Architect, design, implement, support, and evaluate security tools and services.
* Develop and interpret security policies and procedures.
* Mentor junior members of the team.
* Develop and deliver security training across the company.
* Evaluate and recommend new and emerging security technologies for use inside and outside the security organization.
* Produce creative and inventive solutions for large problems. Participate in projects that develop new intellectual property.
* Be an advocate for customer trust.