Amazon — a place where builders can build. We hire the world’s brightest minds and offer them an environment in which they can invent and innovate to improve the experience for our customers. We want associates, who will help share and shape our mission to be Earth’s most customer-centric company. Amazon’s evolution from web site, to e-commerce partner, to development platform, is driven by the spirit of invention that’s part of our DNA. We do this daily by solving complex technical and business problems with ingenuity and simplicity. We’re making history, and the good news is that we’ve only just begun. Every day is Day-One at Amazon!
We are seeking exceptional Security Engineers to work in our Application Security Teams. If you’re passionate about Information Security, have exceptional technical depth in deploying Cloud Solutions and want to join a large scale, fast-paced organization with global impact on millions of customers, then we’d like to talk to you.
We're the team who help secure Amazon's Retail services running on the AWS Cloud. We are experts in Application Security and Cloud technologies, passionate in our desire to secure Amazon's environments and protect our customers' trust; unflinching in our resolve to hold the security bar high. Role and Responsibilities
- Serve as Security Solutions Architects to Amazon Retail Service Teams
- Build Prototypes, Proofs of Concept and Reference Models on AWS services that demonstrate security value
- Demonstrate and promote Security best practices
- Detailed understanding of Cloud Security fundamentals, including cryptography and the shared responsibility model
- Strong desire to up-skill and self-develop
- Application security assessments
- Software Penetration testing
- Risk assessment and threat modeling
- Security training and awareness development and implementation
- Security tool evaluation, development and deployment
Information Security is looking for Application Security Engineers to ensure that our applications and services are implemented with the high standards required to maintain and enhance our customer’s trust. If you enjoy analyzing system services, findings issues in code, networks and applications from a security perspective, and you are skilled at discovering security issues that appear under new threat scenarios, this position will provide you with a challenging opportunity.
The ideal candidate is passionate about solving security problems in innovative ways. They must desire to not only find issues but also the bias for action to drive the remediation of these issues to reduce risk for the company. The ideal candidate has broad and deep technical knowledge, typically ranging from front-end UIs through to back-end systems and all points in between. This person has strong software design and implementation experience, strong knowledge of web protocols, and an in-depth knowledge of Linux/Unix tools and architecture. Experience with web services-based applications, especially at massive scale, is very applicable.
The candidate will work with groups throughout Amazon and help them to integrate security into their projects. The solutions you develop will regularly require input and guidance from team members and will be based on security engineering best practices and industry standards.
The candidate will help ensure that our services, applications, and websites are designed and implemented to the highest security standards. You will be responsible for analyzing the security of applications and services, discovering and addressing security issues and quickly reacting to new threat scenarios. This position will provide you with an opportunity to work across development team to design and build secure solutions, participate in and coordinate penetration testing activities, and generally solve security challenges at massive scale.
You demonstrate a breadth and depth of knowledge in the following disciplines:
• You recognize, adopt, utilize and teach best practices in security engineering: secure development, cryptography, network security, security operations, systems security, policy, and incident response.
• You have appropriate technical skills required by your role and area of specialty: software development, network engineering, systems engineering, cryptography or a combination of all.
• You have a capacity and tolerance for extreme context switching and interruptions while remaining productive and able to provide effective, safe guidance.
• You participate in efforts to promote security throughout the Amazon.
• You help teams develop pragmatic solutions that achieve business requirements while maintaining an acceptable level of risk.
• You maintain an understanding of the Internet threat environment and how it affects the company.
• You work to find and fix flaws in existing company systems and sites.
• You understand the current state of network and application security tools and how they can benefit the company.