Returning Candidate?

Sr. Security Engineer

Sr. Security Engineer

Job ID 
Posted Date 
Amazon Web Services, Inc.
Position Category 
Systems, Quality, & Security Engineering
Recruiting Team 

Job Description

Are you excited at the prospect of keeping millions of customers’ data safe? Do you want to help secure web services by implementing cryptography at scale? Security is the #1 concern of customers moving to the cloud and the AWS Cryptography team is dedicated to providing the security features our customers need. We enable customers to confidently move sensitive workloads to the cloud where they can benefit from strong security controls that help meet internal and external compliance requirements. AWS Key Management Service and AWS CloudHSM provide encryption and key management services, while AWS Certificate Manager handles the complexity of provisioning, deploying, and managing certificates.

The AWS Key Management Service (KMS) is rapidly being adopted by customers who value its security and ease-of-use. AWS KMS is looking for an experienced security engineer with an interest in practical cryptography to join us in building the most secure services in AWS. Our systems protect customers’ most sensitive data and accelerate the use of cryptography in the market.

You should have experience designing secure, scalable, customer-centric systems. Along with senior leaders and principal engineers, you will solve the challenges of growing and operating a globally distributed cryptographic security service.

Your responsibilities include:
  • Understand internal and external requirements and guide the AWS KMS team towards implementing functionality that will help AWS and our customers meet their security obligations.
  • Evangelize within and outside Amazon to encourage a secure and efficient adoption of our services and tools.
  • Develop demos, sample and technical collateral as required.
  • Work with other software engineers on the team to design and evaluate the security properties of new functionality.

Basic Qualifications

  • Bachelor’s Degree in Computer Science, Computer Engineering or related field, or 5+ years relevant work experience
  • 5+ years of experience delivering commercial software or software-based services (in a development, QA testing, or security role)
  • Strong experience and detailed technical knowledge in security engineering. This could include: system and network security, authentication and security protocols, public-key infrastructures, and application security.
  • Experience with threat modeling and other risk identification techniques
  • Development experience in C, C++ and/or Java and scripting skills
  • Excellent written and verbal communication skills
  • Results oriented, high energy, self-motivated

Preferred Qualifications

  • Master’s/PhD degree in Computer Science, Mathematics, Engineering or equivalent
  • 10+ years of security engineering experience
  • Experience with service-oriented architecture and web services security
  • Experience using AWS services, with expertise defining access control permissions.
  • Detailed knowledge of system security vulnerabilities and remediation techniques, including penetration testing and the development of exploits
  • Knowledge of network and security implications of web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, TLS, routing protocols)
  • Detailed knowledge and experience in the use of cryptography to solve security problems