Security Engineer, Aurora Security

Job summary
We are responsible for the security of the AWS Aurora Control Plane that:
Reliably manages a large fleet of databases for our customers freeing them from traditional database operations
Guarantees best-in-class availability and failover capabilities to sustain the world’s most demanding workloads
Orchestrates and automates the complete lifecycle of a database cluster from creation to operation to scale-out and fail-over
Automatically scales up to meet customers most demanding workloads
Has the unique opportunity to integrate closely with our engine and storage layers to build an end-to-end solution that is easy-to-use and at the same time full-fills the demanding requirements of an enterprise-grade solution
Amazon Aurora is a cloud-native relational database which combines the scalability and performance of the best NoSQL databases paired with full compatibility to the most popular relational open source databases - MySQL and PostgreSQL. Amazon Aurora can store petabytes of customer data and can handle peaks of millions of queries per second.

You read until here, great, our team would like you to help us build and maintain the Security layer of this service together. We are looking for experienced, passionate and curious engineers to help us solve security hurdles in innovative ways.

In this role, you will design, implement and maintain systems that ensure best in class security layer for the Aurora services. You will help troubleshoot, identify and fix potential security risks as well as drive and implement security best practices as an integral part of the development cycle.
This is a unique and rare opportunity to get in on the ground floor within a fast-growing AWS service, have an impact on the product direction and the shape of the cutting-edge database technology. We count on your technical expertise, eagerness to learn and ability to collaborate across teams. You will act as a technical lead of your team, being a role model for other engineers and a partner for the product team. We will give you the opportunity to work with and learn from our principal engineers, AWS’s pragmatic visionaries.

About Us

We recognize new team members need time to ramp-up and feel fully comfortable within the team. You will have a launch buddy, an engineer who will help you navigate through this processes offering you help and mentorship.

We offer flexibility in working hours and encourage you to find your own balance between your work and personal life.

Here at AWS, we embrace our differences. We are committed to furthering our culture of inclusion. We have ten employee-led affinity groups, reaching 40,000 employees in over 190 chapters globally. We have innovative benefit offerings, and host annual and ongoing learning experiences, including our Conversations on Race and Ethnicity (CORE) and AmazeCon (gender diversity) conferences. Amazon’s culture of inclusion is reinforced within our 14 Leadership Principles, which remind team members to seek diverse perspectives, learn and be curious, and earn trust.

Basic Qualifications

-Bachelor’s degree in computer science or related field, or equivalent professional experience
-5+ years of non-internship professional software development experience
-2+ years of experience with system security design and best practices, including troubleshooting and defining system vulnerabilities
-Proficiency with at least one language such as C, C++, C#, Go, Java, JavaScript, Python or Scala
-Broad and deep technical knowledge in at least one of the following fields: operating system security, network security, cryptography, software security, malware analysis, forensics, security operations, incident response, and emergent security intelligence.
-Ability to think like both an attacker and defender.
-Ability to balance technical risks against business risks and consistently drive for the right results.
-Ability to quickly design and build internal-facing tools that enable scaled programmatic automation.
-Have a passion for engineering novel solutions to complex security challenges, and recognize and fill gaps in capabilities.

Preferred Qualifications

A deep understanding of security by design development, as well as security best practices at every step of the development cycle
A passion troubleshooting and defining system vulnerabilities
Proficiency with Linux
Deep technical knowledge in several of the following fields: operating system security, network security, cryptography, software security, malware analysis, forensics, security operations, incident response, and emergent security intelligence.
Ability to write clean, object-oriented, well-structured and maintainable code
Experience successfully delivering complex systems to customers
Excellent verbal and written communication skills