‘Next Chapter' Returnship Program - Security Engineer

Job summary
Good storytelling starts with great listening. At Audible, that means each role and every project has our audience in mind. Because the same people who design, develop, and deploy our products also happen to use them. To us, that speaks volumes.

ABOUT THE PROGRAM
The Next Chapter program at Audible is a 16-week paid returnship for experienced professionals returning to the workforce after taking time off for caregiving. This role is open to individuals who have at least 5 years of relevant professional experience and have been out of the paid workforce for at least 1 year to focus on caring for a child or other dependent and is not currently in a university program.

At Audible, we are excited to launch the Next Chapter program because we appreciate the skills you can offer, the perspective you provide, and the contributions you will make. This program offers you a chance to revamp your skills, update your resume with new experience, and make connections with other women and men transitioning back to the workforce. It also offers support through Path Forward, a nonprofit organization on a mission to empower people who’ve been focused on caregiving transition back to the paid workforce.

This 16-week Returnship program is 100% virtual. Upon successful completion of the Returnship, there is a possibility of an offer for full-time employment. We expect candidates for a full-time role to reside or relocate to be within commuting distance of either our Newark, NJ or Cambridge, MA hub, once we return to in-person work 1-3 days a week (currently scheduled for Q1 2022). If you are interested in a remote full-time opportunity, please discuss this with your recruiter.

ABOUT THIS ROLE
As a Security Engineer at Audible you will advocate for information security throughout all our software development and business processes. You will work with other Security Engineers, Application Developers and System Engineers to protect our customers and Audible’s business.

ABOUT THE TEAM
Audible Information Security team is looking for a Security Engineer to join our world class team. We are obsessed with protecting customer trust. We are a hands-on team working to protect our computer networks, servers, applications and data assets.

As a System Security Engineer, you will...

• Assess and review backend Content and Royalty platforms, customer facing Personalization and CRM systems, Mobile Apps, cloud infrastructure, and third party integrations with our internal and external systems.
• Perform third party security risk assessment and due diligence, including managing questionnaire response, evidence verification, and report preparation.
• Conduct internal security and confidential information investigations and information usage security audits.
• Provide guidance on risk, compliance, and policy to technical and non-technical internal customers.
• Assess and prioritize security assessment findings and recommend appropriate mitigations.
• Respond to security violations, vulnerabilities, and incident detections.
• Provide security training and outreach to internal teams and external supply chain partners.
• Contribute to / provide feedback on the development of security standards and control requirements.

Basic Qualifications

• Experience with third party risk assessment, analysis and management.
• Proven experience with the information security principles and the Common Body of Knowledge (CBK) domains and core technologies (CIA, encryption, identity, authN/authZ, SSO, web protocols, and privacy).
• Experience in advocating security best practices for third party integrations (e.g. with SAAS solutions, third-party libraries, etc.).
• Experience with Amazon Web Services (AWS) products and security controls.
• Experience with web application risk assessment, architecture security review, secure coding practices, incident response planning.
• Proficient in one programming language – Java preferred.

Preferred Qualifications

• BS in Engineering or Computer Science, or other relevant degree.
• Experience with developing and maintaining relevant security assessment risk metrics.
• Experience using GRC tools and technologies.
• Current knowledge around web and mobile application vulnerabilities, attacks, and mitigation methods.
• Experience with automated and static code review tools.
• AWS certifications such as AWS Certified Security – Specialty, AWS Certified Cloud Practitioner, or other security related certifications such as CEH, Security+, or GSEC.
• Demonstrated experience using communication skills to advocate security for both technical and non-technical audiences.
• Open to relocate to Newark, NJ or Cambridge, MA at the conclusion of the program if offered FT employment post-Returnship.

ABOUT AUDIBLE
At Audible, we innovate and inspire through the power of voice. We're changing the narrative on storytelling. As a leading creator and provider of premium audio storytelling, we've redefined the ways people access, discover, and share stories. The stories we tell have the ability to transport and transform everyday moments into meaningful experiences and it's our people who make Audible's service possible. We're listeners, storytellers, and problem-solvers. Our perspectives and experiences power our ideas and come together in our mission to unleash the power of the spoken word.


Audible is committed to a diverse and inclusive workplace. Audible is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit https://www.amazon.jobs/en/disability/us.