Security Engineer , Device Security

Seattle, Washington, USA

Full Time Senior-level / Expert USD 107K - 149K *
Amazon.com logo

Amazon.com

Free shipping on millions of items. Get the best of Shopping and Entertainment with Prime. Enjoy low prices and great deals on the largest selection of everyday essentials and other products, including fashion, home, beauty, electronics, Alexa...

View all employer listings

Apply now Apply later

Job summary
The Devices and Services (D&S) Trust & Security team works to ensure that our devices and services are designed and implemented to the high standards required to maintain and enhance customer trust. Security and Privacy are paramount to maintaining trust and we need to continue to build trusted products, maintain and operate trusted environments, and advocate trust to customers and stakeholders. The team develops security automation for devices & services, performs penetration testing, and handles and tracks incident responses to resolution. The Trust team is responsible for enabling business growth and innovation while honoring data policies and controls that help protect customer trust. We are responsible for defining and executing on the security and privacy requirements across the entire organization.

The Amazon Devices team designs and engineers high-profile consumer electronics, including the best-selling Kindle family of products. We have also produced groundbreaking devices like Amazon Echo, Fire tablets, Amazon Fire TV, Echo Show, Echo Spot, and more. What will you help us create?

The Role:
Amazon Devices is looking for a Security Engineer to ensure that our devices are designed and implemented to the highest standards thus maintaining and enhancing customer trust. If you enjoy identifying issues in hardware and low-level software, this position will provide you with a unique opportunity to secure the next generation of consumer technology. You can learn more about at Lab 126 here: https://www.youtube.com/watch?v=k0UTTxzeGog.

In this role, you will:

* Analyze the security of hardware (SoC, MCU, etc.) and low-level operating system components of consumer devices
* Identify vulnerabilities on devices, provide mitigations, and validate solutions
* Collaborate with product teams to develop new features with an eye on security
* Assist in vulnerability analysis and incident response
* Perform security reviews
* Evaluate and recommend new security tooling and technologies
* Develop technologies for automated vulnerability detection
* Participate in security operations support
* Develop, interpret, and implement security policies and procedures
* Develop and deliver general security awareness training

Note: While the majority of our Security/Privacy roles are based in the Bay Area, CA and Seattle, WA areas, by applying to this position your application will be considered for all locations we hire for in the United States, including but not limited to: Seattle, WA; Bellevue, WA; Sunnyvale, CA, Austin TX.


Basic Qualifications


* Bachelor’s degree in Computer Science, Electrical Engineering and Computer Science, or 5+ years relevant work experience
* 3+ years of hardware security experience or 3+ years of application security experience

Preferred Qualifications

* Master’s degree in Computer Science, Computer Engineering, Electrical Engineering or equivalent
* 2+ years of experience in Android security and reverse engineering
* Experience with security engineering, system and network security, authentication and security protocols, cryptography, and application security
* Experience with the application of threat modeling or other risk identification techniques
* Software development experience in Java, C, and C++
* Experience with scripting languages such as Python, Perl, or Ruby
* Experience with hardware security, system and network security, authentication and security protocols, cryptography, and application security
* 3+ years of hardware security experience or 3+ years of application security experience
* 2+ years of security engineering experience
* 2+ years of experience and involvement with development team(s) that delivered commercial software, services, or hardware devices
* Experience with scripting (e.g. , ruby, bash)
* 3+ year of experience with the application of threat modeling or other risk identification techniques
* 3+ year of development experience in C, C++, and/or assembly (x86, x86-64, ARM)
* Knowledge of common wireless connectivity protocols (e.g. Bluetooth, WiFi, 802.15.4)
* Knowledge of hardware security mechanisms, including secure boot, trusted execution environments
* Knowledge of operating system internals, with emphasis on Linux and common RTOS environments
* Familiarity with system security vulnerabilities and remediation techniques, including penetration testing and the development of exploits
* Excellent written and verbal communication skills
* Excellent leadership skills and teamwork skills
* Results oriented, high energy, self-motivated



keword: dsts




Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit https://www.amazon.jobs/en/disability/us.

* Salary range is an estimate based on our salary survey at salaries.infosec-jobs.com

Tags: Android Application security Automation Bash C Cryptography Exploits Incident response Java Linux Network security Penetration testing Perl Privacy Python Ruby Scripting Vulnerabilities

Region: North America
Country: United States
Job stats:  6  0  0
Category: Engineering Jobs
  • Share this job via
  • or

Other jobs like this

Explore more Cyber Security career opportunities

Find open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Analysis, Cryptography, Digital Forensics and Cybersecurity in general, filtered by job title or popular skill, toolset and products used.