Industry Security Specialist , Alexa
Seattle, Washington, USA
Amazon.com
Free shipping on millions of items. Get the best of Shopping and Entertainment with Prime. Enjoy low prices and great deals on the largest selection of everyday essentials and other products, including fashion, home, beauty, electronics, Alexa...
Job summary
The Devices and Services (D&S) Security team works to ensure that Amazon’s products and services are designed and implemented to the high standards required to maintain and enhance customer trust. Security and Privacy are paramount to maintaining customer trust. We help build trusted products, maintain and operate trusted environments, and advocate trust to customers and stakeholders. We work closely with Amazon’s Devices and Services teams which design and engineer high-profile consumer electronics, including the best-selling Kindle family of products, Amazon Echo, Fire tablets, Amazon Fire TV, Echo Show, Echo Spot, and more.
The Role:
Amazon’s Digital Security team is looking for a Security Specialist to ensure that services within the Alexa family are designed and implemented to maintain our customer's trust. This is a role for someone who wants to review and invent solutions for the relatively new technology domain of Voice Assistants.
In this role, you will work on security problems in a wide range of scenarios associated with Alexa services. You will help identify novel threats for innovative voice offerings. You will help product teams identify scalable & secure solutions for Alexa (e.g. key management solutions, encrypted storage, etc). You will aid in the development of training that is relevant to the Alexa Organization. You will cultivate a culture and community within the Alexa organization. You will be a key role in ensuring that Alexa maintain customer trust.
Activities in this role include:
• Identifying security issues and risks, review & approve mitigation plans in Alexa services.
• Influencing product teams to implement practices that maintain a high security bar.
• Advising teams on the correct components that deliver security features like key management, authentication, encryption, etc.
• Proposing, collaborating & obtaining buy-in on strategic security initiatives for the Alexa Organization.
• Recommending and developing security-focused tools that help product teams prevent security misconfigurations & vulnerabilities in the design & implementation of Alexa features.
• Developing and interpreting security policies and procedures to form security requirements.
• Developing and delivering training that promotes general security awareness and informs developers on how to discover & mitigate security vulnerabilities in their products.
• Deciding which new security tooling and strategies should be pursued for scalable security in Alexa service development.
• Serve as an escalation resource in evaluating security issues discovered by the first tier of security support within product teams.
• Supporting incident response activities as a security subject matter expert.
• Support the review of static & dynamic analysis reports.
Basic qualifications
• Bachelor’s degree in Computer Science, Computer Engineering or related field.
Preferred qualifications
• Master’s degree in Computer Science, Computer Engineering or related field.
• Experience in secure design reviews.
• Knowledge of common mistakes that result in security vulnerabilities.
• Experience with the application of threat modeling and other risk identification techniques.
• Experience with service-oriented architecture and web services security
• Detailed knowledge of system and remediation techniques, including penetration testing and the development of exploits
• Knowledge of network and related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols)
• Experience with Amazon Web Services (S3, EC2, Lambda, Etc)
• Experience with scripting (e.g., python, bash, etc)
• Knowledge of security domains and body of knowledge and how to implement them.
• Excellent leadership skills and teamwork skills
• Results oriented, high energy, self-motivated
keyword: DSTS
Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit https://www.amazon.jobs/en/disability/us.
The Devices and Services (D&S) Security team works to ensure that Amazon’s products and services are designed and implemented to the high standards required to maintain and enhance customer trust. Security and Privacy are paramount to maintaining customer trust. We help build trusted products, maintain and operate trusted environments, and advocate trust to customers and stakeholders. We work closely with Amazon’s Devices and Services teams which design and engineer high-profile consumer electronics, including the best-selling Kindle family of products, Amazon Echo, Fire tablets, Amazon Fire TV, Echo Show, Echo Spot, and more.
The Role:
Amazon’s Digital Security team is looking for a Security Specialist to ensure that services within the Alexa family are designed and implemented to maintain our customer's trust. This is a role for someone who wants to review and invent solutions for the relatively new technology domain of Voice Assistants.
In this role, you will work on security problems in a wide range of scenarios associated with Alexa services. You will help identify novel threats for innovative voice offerings. You will help product teams identify scalable & secure solutions for Alexa (e.g. key management solutions, encrypted storage, etc). You will aid in the development of training that is relevant to the Alexa Organization. You will cultivate a culture and community within the Alexa organization. You will be a key role in ensuring that Alexa maintain customer trust.
Activities in this role include:
• Identifying security issues and risks, review & approve mitigation plans in Alexa services.
• Influencing product teams to implement practices that maintain a high security bar.
• Advising teams on the correct components that deliver security features like key management, authentication, encryption, etc.
• Proposing, collaborating & obtaining buy-in on strategic security initiatives for the Alexa Organization.
• Recommending and developing security-focused tools that help product teams prevent security misconfigurations & vulnerabilities in the design & implementation of Alexa features.
• Developing and interpreting security policies and procedures to form security requirements.
• Developing and delivering training that promotes general security awareness and informs developers on how to discover & mitigate security vulnerabilities in their products.
• Deciding which new security tooling and strategies should be pursued for scalable security in Alexa service development.
• Serve as an escalation resource in evaluating security issues discovered by the first tier of security support within product teams.
• Supporting incident response activities as a security subject matter expert.
• Support the review of static & dynamic analysis reports.
Basic qualifications
• Bachelor’s degree in Computer Science, Computer Engineering or related field.
Preferred qualifications
• Master’s degree in Computer Science, Computer Engineering or related field.
• Experience in secure design reviews.
• Knowledge of common mistakes that result in security vulnerabilities.
• Experience with the application of threat modeling and other risk identification techniques.
• Experience with service-oriented architecture and web services security
• Detailed knowledge of system and remediation techniques, including penetration testing and the development of exploits
• Knowledge of network and related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols)
• Experience with Amazon Web Services (S3, EC2, Lambda, Etc)
• Experience with scripting (e.g., python, bash, etc)
• Knowledge of security domains and body of knowledge and how to implement them.
• Excellent leadership skills and teamwork skills
• Results oriented, high energy, self-motivated
Basic Qualifications
- Bachelor’s degree in Computer Science or related experience.
Preferred Qualifications
- Ability to create secure designs and execute code reviews.
- Working knowledge of common mistakes that result in security vulnerabilities.
- Ability to build and apply threat models and other risk identification techniques.
- Experience with service-oriented architecture and web services security
- Detailed knowledge of system and remediation techniques, including penetration testing and the development of exploits
- Knowledge of network and related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols)
- Experience with Amazon Web Services (S3, EC2, Lambda, Etc)
- Development experience in Java or similar languages
- Experience with scripting (e.g., python, bash, etc)
- Implementation knowledge of cryptographic features like Hashing, Encryption, Signing as well as working knowledge of common software implementations of OpenSSL
- Working knowledge of TLS, Software Development lifecycle , x.509 certificates, compile-time hardening capabilities, etc.
- Excellent leadership skills and teamwork skills
- Results oriented, high energy, self-motivated
keyword: DSTS
Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit https://www.amazon.jobs/en/disability/us.
Tags: Bash Computer Science EC2 Encryption Exploits Hashing Incident response Java Lambda Pentesting Privacy Python S3 Scripting TCP/IP TLS Vulnerabilities
Region:
North America
Country:
United States
Job stats:
6
1
0
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Security Operations Engineer jobs
- Open Information Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Senior Information Security Analyst jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Product Security Engineer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Senior Information Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Chief Information Security Officer jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Sr. Security Engineer jobs
- Open Security Researcher jobs
- Open Senior Security Architect jobs
- Open Security Operations Analyst jobs
- Open ISO 27001-related jobs
- Open Clearance-related jobs
- Open Windows-related jobs
- Open Application security-related jobs
- Open Network security-related jobs
- Open Agile-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open DevOps-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open Kubernetes-related jobs
- Open CI/CD-related jobs
- Open Security Clearance-related jobs
- Open IDS-related jobs
- Open CEH-related jobs
- Open EDR-related jobs