• Senior Security Engineer

    Location US-WA-Seattle
    Posted Date 23 hours ago(12/12/2018 1:16 PM)
    Job ID
    756371
    Company
    Amazon.com Services, Inc.
    Position Category
    Systems, Quality, & Security Engineering
    Company/Location (search) : Country (Full Name)
    United States
  • Job Description

    Amazon — a place where builders can build. We hire the world’s brightest minds and offer them an environment in which they can invent and innovate to improve the experience for our customers. We want associates, who will help share and shape our mission to be Earth’s most customer-centric company. Amazon’s evolution from web site, to e-commerce partner, to development platform, is driven by the spirit of invention that’s part of our DNA. We do this daily by solving complex technical and business problems with ingenuity and simplicity. We’re making history, and the good news is that we’ve only just begun. Every day is Day-One at Amazon!

    We are seeking exceptional Security Engineers to work in our Application Security Teams. If you’re passionate about Information Security, have exceptional technical depth in deploying Cloud Solutions and want to join a large scale, fast-paced organization with global impact on millions of customers, then we’d like to talk to you.

    We're the team who help secure Amazon's Retail services running on the AWS Cloud. We are experts in Application Security and Cloud technologies, passionate in our desire to secure Amazon's environments and protect our customers' trust; unflinching in our resolve to hold the security bar high.

    Role and Responsibilities
    • Serve as Security Solutions Architects to Amazon Retail Service Teams
    • Build Prototypes, Proofs of Concept and Reference Models on AWS services that demonstrate security value
    • Demonstrate and promote Security best practices
    • Detailed understanding of Cloud Security fundamentals, including cryptography and the shared responsibility model
    • Strong desire to up-skill and self-develop
    • Application security assessments
    • Software Penetration testing
    • Risk assessment and threat modeling
    • Security training and awareness development and implementation
    • Security tool evaluation, development and deployment

    Information Security is looking for Application Security Engineers to ensure that our applications and services are implemented with the high standards required to maintain and enhance our customer’s trust. If you enjoy analyzing system services, findings issues in code, networks and applications from a security perspective, and you are skilled at discovering security issues that appear under new threat scenarios, this position will provide you with a challenging opportunity.

    The ideal candidate is passionate about solving security problems in innovative ways. They must desire to not only find issues but also the bias for action to drive the remediation of these issues to reduce risk for the company. The ideal candidate has broad and deep technical knowledge, typically ranging from front-end UIs through to back-end systems and all points in between. This person has strong software design and implementation experience, strong knowledge of web protocols, and an in-depth knowledge of Linux/Unix tools and architecture. Experience with web services-based applications, especially at massive scale, is very applicable.

    The candidate will work with groups throughout Amazon and help them to integrate security into their projects. The solutions you develop will regularly require input and guidance from team members and will be based on security engineering best practices and industry standards.

    The candidate will help ensure that our services, applications, and websites are designed and implemented to the highest security standards. You will be responsible for analyzing the security of applications and services, discovering and addressing security issues and quickly reacting to new threat scenarios. This position will provide you with an opportunity to work across development team to design and build secure solutions, participate in and coordinate penetration testing activities, and generally solve security challenges at massive scale.

    You demonstrate a breadth and depth of knowledge in the following disciplines:
    • You recognize, adopt, utilize and teach best practices in security engineering: secure development, cryptography, network security, security operations, systems security, policy, and incident response.
    • You have appropriate technical skills required by your role and area of specialty: software development, network engineering, systems engineering, cryptography or a combination of all.
    • You have a capacity and tolerance for extreme context switching and interruptions while remaining productive and able to provide effective, safe guidance.
    • You participate in efforts to promote security throughout the Amazon.
    • You help teams develop pragmatic solutions that achieve business requirements while maintaining an acceptable level of risk.
    • You maintain an understanding of the Internet threat environment and how it affects the company.
    • You work to find and fix flaws in existing company systems and sites.
    • You understand the current state of network and application security tools and how they can benefit the company.

    Basic Qualifications

    • Experience with service-oriented architectures and web services security.
    • Well versed in application security, infrastructure security, business risk analysis and making complex business/risk trade-off recommendations and decisions.
    • Technical knowledge in at least one security domain such as engineering, system and network security, authentication or security protocols.
    • 2+ years of experience leading, managing & developing high performance teams
    • Hands-on knowledge of information security technologies such as security design review, threat modeling, risk analysis, and software testing techniques
    • Strong information security risk-based prioritization abilities
    • 2+ years of progressive experience within a software security team or similar operating environment
    • BA/BS in computer science, information security, related discipline, or equivalent work experience

    Preferred Qualifications

    • Experience in generating automated metrics to measure IT security effectiveness and consistency.
    • Excellent leadership, teamwork and collaboration skills.
    • Results-oriented, high energy, self-motivated..
    • Information security professional certifications encouraged (SANS GIAC, CISSP etc.)
    • Experience architecting, securing, and operating Amazon Web Services
    • Experience managing remote team members
    • Excellent written communication skills, with a focus on translating technically complex issues into simple, easy to understand concepts
    • Excellent attention to detail
    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share this job