Sr Security Engineer, Vulnerability Management, Vulnerability Management

Job summary

Amazon is seeking qualified Security Engineers to join our innovative, high energy Information Security team and work within the Vulnerability Management - Assessment and Intake team. Security Engineers respond to security events, conduct assessment of public and internal vulnerability disclosures. Provide severity guidance and set appropriate velocity for security campaigns. They work hands-on with detection systems and vulnerability analysis tools to respond to potential threats to Amazon systems. Assessment Security Engineers are unique individuals prepared to relentlessly resolve security issues by gathering and analyzing event data and conducting root-cause analysis.With your technical expertise, you will be solving security challenges at scale, working to protect the applications powering the most sophisticated e-commerce platform ever built. We value broad and deep technical knowledge, specifically in the fields of 3P software, AWS technologies, malware analysis, network security, application security, cryptography, and security intelligence.

Responsibilities:

• Responding to security disclousures, and coordinating a cohesive response involving multiple teams across Amazon.
• Providing security engineering solutions and support during customer-facing incidents, proactively considering the prevention of similar incidents from occurring in the future.
• Drive clarity and assess severity ratings for security campaigns.
• Identifying and recommending solutions that improve or expand team's intake responsibilities drive operational efficiency.
• Working alongside and mentoring Information Security engineers to improve security, reduce and quickly address risk.
• Evaluating the impact of current security trends, advisories, publications, and academic research to Amazon, coordinating response as necessary across affected teams.
• Keeping your knowledge and skills current with the rapidly changing threat landscape.
• Participating in a on-call rotation.

Key job responsibilities
The individual will intake and assess all security issues. Develop/updating onboarding guidance, technical runbooks. Demonstrate absolute ownership on assessment functions of the team. Perform the job functions as a technical leader with hands-on work ethics. Handle conflicts in business/campaign priorities. Insist on high standards

Basic Qualifications

BS in Computer Science, Information Security, or equivalent professional experience.
· 8+ years of demonstrated experience in areas such as incident response, systems security, network, and/or application security.
· Understanding of best practices in security engineering, including secure development, cryptography, network security, security operations, systems security, policy, and incident response.
· Technical depth in one or more specialties including: application security, infrastructure security, digital forensics, malware analysis, or some combination thereof.
· Understanding of security vulnerabilities, attacker exploit techniques, and methods for their remediation.
· The capacity and tolerance for context switching and interruptions while remaining productive and providing effective, safe guidance.
· Experience with common security monitoring, log analysis and forensic tools.
· Ability to work with a high degree of autonomy.
· Scripting skills (E.g: Python, Perl, Bash, PowerShell, etc.)
· Excellent written and verbal communication skills with the ability to adapt messaging to executive, technical, and non-technical audiences.

Preferred Qualifications

Experience triaging and developing security alerts and response automation, conducting front-line analysis, and providing escalation support.
· 10+ years of information security experience.
· Relevant industry certifications from SANS, ISC2, etc.
· Strong demonstrated knowledge of Unix tools and architecture.
· Familiarity/experience with AWS services and security concepts.


Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit https://www.amazon.jobs/en/disability/us.