• Senior Security Engineer

    Location US-TX-Austin
    Posted Date 2 weeks ago(7/31/2018 6:05 AM)
    Job ID
    601938
    Company
    Amazon Web Services, Inc.
    Position Category
    Systems, Quality, & Security Engineering
  • Job Description

    The Global AWS Hardware Infrastructure Security Team (HIST) is looking for an experienced Senior Security Engineer to help ensure that the networks and hardware devices inside AWS data centers are designed and implemented to the highest possible security standards.

    As of Q1 2018, with nearly $22 billion dollars in annual business across 18 geographic Regions, and more than 125 major cloud service offerings, AWS is an enormous and still quickly growing business! This is all made possible by a wide variety of different partners and suppliers from all over the world, and a complex and ever-changing set of platform technologies. The HIST organization is responsible for directing strategic investments across AWS that will continue to provide the best support for AWS customers, and if you are a strong communicator with deep security experience, we look forward to talking to you!

    As the primary technical security advocate for a variety of AWS-wide security initiatives, in this role you will help internal and external partners to design with security in mind from the beginning. This position will provide you with a challenging opportunity to define and drive fundamental security outcomes for everything underlying the global AWS business, from tangible hardware devices to operational procedures.

    The successful candidate must be comfortable diving into engineering discussions, and leveraging deep security expertise to ensure proper risk assessment and threat analysis is performed. You will provide crystal-clear technical direction and risk mitigation guidance for diverse engineering and business leaders at all levels.

    This is not an entry-level position. By applying your hard-earned years of practical security engineering expertise in projects related to enterprise networking, hardware-rooted security, and cloud-scale administrative infrastructure, you will literally determine company direction and shape the future of cloud computing.

    A Senior Security Engineer is expected to be a highly visible business leader, not just a technical resource. They routinely deliver security designs that are simple, robust and stable, but they also lead others to do so even under conditions of great uncertainty and without direction. They understand multiple technical domains, their interdependencies and limitations, and they are expected to be the most credible voice in the room when they represent security concerns. Senior Security Engineers work with and through others, mentor others in their organization, and always keep up to date on disruptive developments in security to help partner teams design and implement appropriate countermeasures.

    Core Responsibilities:
    * Provide security expertise for truly massive hardware and data center infrastructure projects
    * Perform hands-on security threat modeling, risk assessment, and operational security analysis
    * Prepare and present detailed, written and verbal technical information for internal/external audiences
    * Directly represent our organization to business leaders and technical staff at all levels of the company
    * Demonstrate truly *exceptional* judgment, integrity, business acumen, and communication skills

    Basic Qualifications

    * Minimum of 10 years of experience in Security Engineering, supporting engineering projects from concept to delivery, and 6 years in two or more of the following technical categories:
    -- Security assessment (e.g. penetration testing, incident response, forensics, network traffic analysis)
    -- Security architecture and risk mitigation for large enterprise networks or data center environments
    -- Cloud/Enterprise IT administration (configuration, patching, deployment, change management)
    -- Data center ops (asset management, power/cooling, decom/liquidation, physical security controls)
    -- Network security (L2/L3, VLANs, ACLs, routing, enclaves, DMZ, TACACS, SNMP, IPMI, SSH, IPSec)
    -- x86 and/or ARM chipset and firmware security (TPM, UEFI, TrustZone, Secure Boot, JTAG, PCIe)
    * 5+ years of experience performing security reviews and implementing defensive technical security controls
    * 4+ years working with physical hardware and side-channel attack vectors, and potential mitigations

    Preferred Qualifications

    * Demonstrated ability to prepare technical specifications and executive-ready communications
    * Demonstrated understanding of crypto basics (encryption, signing, certificates, common algorithms)
    * BS in Computer Science, Information Security, or related field, or equivalent work experience
    * 10+ years of experience in two or more of the technical categories above
    * Publicly demonstrated written and verbal communication skills, and ability to drive toward consensus
    * Relevant industry certifications (CISSP, SANS/GIAC, CompTIA, Microsoft, Linux, Cisco)
    * Experience using AWS core services (EC2, S3, IAM, Kinesis, Lambda, KMS, VPC, etc)
    * Experience designing for relevant security standards (TCG, IEEE, NIST, FIPS, PCI, ISO 28000 series)
    * Experience designing for crypto security (e.g. certificate handling and PKI, attestation, TPM/HSM)
    * Experience leading enterprise security risk management and operational business continuity programs
    * Expert knowledge of Windows, Linux, and hypervisor security (especially in cloud environments)
    * Expert knowledge of common security-relevant protocols (e.g. SSH, TLS, DNS, DHCP, NTP, ICMP)
    * Spectacular track record of complex project delivery, effective organization, and executive maturity
    * Meets/exceeds Amazon’s leadership principles requirements for this role
    * Meets/exceeds Amazon’s functional/technical depth and complexity for this role

    Amazon is an Equal Opportunity-Affirmative Action Employer – Minority / Female / Disability / Veteran / Gender Identity / Sexual Orientation.


    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share this job