Offensive Security Engineer

Seattle, Washington, USA

Applications have closed

Amazon.com

Free shipping on millions of items. Get the best of Shopping and Entertainment with Prime. Enjoy low prices and great deals on the largest selection of everyday essentials and other products, including fashion, home, beauty, electronics, Alexa...

View company page

Do you want to be part of a team that designs and implements critical payment-related services for Amazon with air-tight security and five-nine availability that serve millions of requests per minute? Do you want to be part of a fun group that explores cutting edge technology, with a culture of learning from each other and developing each other? Do you want to be part of an organization that will be at the center of projects that will shape the future of the payments industry? If you answer yes to any of the questions above, this position is for you! Your work will be visible among the company’s senior executives.

As an offensive security engineer, you will:

·
· Execute offensive security “red team” campaigns of our Payment systems and processes to improve our ability to protect, detect and respond to known adversaries
·
· Thoroughly document exploit chain/proof of concept scenarios for client consumption
·
· Develop innovative and scalable tools, solutions, and processes to enhance the team's velocity and scale to Payment and Amazon needs
·
· Communicate with senior leadership and technology leaders to prioritize and execute remediation plans
·
· Effectively collaborate in a fast-paced environment with multiple teams in a large organization (threat intelligence, incident response, software development, QA, Project/Release Management, Build and Release, etc.).

Basic Qualifications


· 3+ years of experience in multiple offensive security engineering disciplines (red teaming, penetration testing, fuzz testing, etc.)
· Experience with red team or penetration testing campaigns in large, complex organizations
· Familiar with offensive TTPs (Tactics, Techniques and Procedures) including post-exploitation and lateral movement

Preferred Qualifications

· Excellent communication and data presentation skills that allow you to clearly, compellingly, and effectively influence audiences internally and externally, across organizational boundaries
· Security testing tools including Cobalt Strike, C2 infrastructure, Nmap, Burp Suite - Windows, Linux, and MacOS operating systems
· Knowledge of at least one scripting language (Python, Perl, Ruby, etc.)
· Knowledge of Cloud security principles (preferably AWS)
· Strong Network and Application security concepts

Tags: Application security AWS Burp Suite Cloud Cobalt Strike Exploit Incident response Linux MacOS Nmap Offensive security Pentesting Perl Python Red team Ruby Scripting Threat intelligence TTPs Windows

Region: North America
Country: United States
Job stats:  34  2  0

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.