Security Engineer

Job summary
People Technology is looking for a Security Engineer to focus on improving our application, system, and infrastructure security. You are obsessed with customer trust. You have breadth and depth of security knowledge and can identify and advise on risks across multiple areas of an organization. You will be solving security challenges at scale and working to help other teams create solutions while developing strong security culture and practices.
You have industry-leading technical abilities and are strong in multiple domains. You work with groups throughout Amazon to help them integrate security at all levels of their projects. You are involved in hands-on security assessments, develop and provide guidance, and advocate security engineering best practices. You proactively and continually improve your level of knowledge about Amazon’s business, information security, the threat landscape and relevant technologies.


Responsibilities:

• Perform security reviews to identify security issues and risks, and develop mitigation plans
• Advise and consult with internal customers on risk assessment, threat modeling, code review, and vulnerability remediation
• Provide expert advice to internal customers on developing secure architectures
• Develop and interpret security policies and procedures
• Evaluate and recommend new and emerging security products and technologies
• Develop and deliver training materials and perform general security awareness and specific security technology training
• Participate in security compliance efforts
• Participate in security escalations support
• Evangelize security within Amazon.com and be an advocate for customer trust

Basic Qualifications

• Bachelor's Degree or MS in Computer Science or related field
• At least 3 years of experience in application, secure software or system design
• At least 2 years of experience in a development or security role working with development team(s) that delivered commercial software or software-based services
• Detailed knowledge of system security vulnerabilities and remediation techniques, including penetration testing and the development of exploits

Preferred Qualifications

• Significant experience and detailed technical knowledge in multiple areas of: security engineering, system and network security, authentication and security protocols, cryptography, and application security
• Knowledge of network and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, BGP and other routing protocols)
• Strong scripting skills in one or more of the common languages (e.g., Perl, Python, Ruby, shell scripting)
• Experience with service-oriented architecture and web services security
• Experience with the application of threat modeling or other risk identification techniques
• Experience designing and/or reviewing the security of systems in conjunction with a development team
• Experience in risk identification, secure software design, secure architectures, security testing, or vulnerability detection or remediation
• Sharp analytical abilities and proven design skills
• Excellent written and verbal communication skills
• Excellent leadership skills and teamwork skills
• Results oriented, high energy, self-motivated

Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit https://www.amazon.jobs/en/disability/us.




Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit https://www.amazon.jobs/en/disability/us.

Workers in New York City who perform in-person work or interact with the public in the course of business must show proof they have been fully vaccinated against COVID or request and receive approval for a reasonable accommodation, including medical or religious accommodation.