Offensive Security Engineer
Seattle, Washington, USA
Amazon.com
Free shipping on millions of items. Get the best of Shopping and Entertainment with Prime. Enjoy low prices and great deals on the largest selection of everyday essentials and other products, including fashion, home, beauty, electronics, Alexa...
Do you want to be part of a team that designs and implements critical payment-related services for Amazon with air-tight security and five-nine availability that serve millions of requests per minute? Do you want to be part of a fun group that explores cutting edge technology, with a culture of learning from each other and developing each other? Do you want to be part of an organization that will be at the center of projects that will shape the future of the payments industry? If you answer yes to any of the questions above, this position is for you! Your work will be visible among the company’s senior executives.
As an offensive security engineer, you will:
·
· Execute offensive security “red team” campaigns of our Payment systems and processes to improve our ability to protect, detect and respond to known adversaries
·
· Thoroughly document exploit chain/proof of concept scenarios for client consumption
·
· Develop innovative and scalable tools, solutions, and processes to enhance the team's velocity and scale to Payment and Amazon needs
·
· Communicate with senior leadership and technology leaders to prioritize and execute remediation plans
·
· Effectively collaborate in a fast-paced environment with multiple teams in a large organization (threat intelligence, incident response, software development, QA, Project/Release Management, Build and Release, etc.).
· 3+ years of experience in multiple offensive security engineering disciplines (red teaming, penetration testing, fuzz testing, etc.)
· Experience with red team or penetration testing campaigns in large, complex organizations
· Familiar with offensive TTPs (Tactics, Techniques and Procedures) including post-exploitation and lateral movement
· Security testing tools including Cobalt Strike, C2 infrastructure, Nmap, Burp Suite - Windows, Linux, and MacOS operating systems
· Knowledge of at least one scripting language (Python, Perl, Ruby, etc.)
· Knowledge of Cloud security principles (preferably AWS)
· Strong Network and Application security concepts
As an offensive security engineer, you will:
·
· Execute offensive security “red team” campaigns of our Payment systems and processes to improve our ability to protect, detect and respond to known adversaries
·
· Thoroughly document exploit chain/proof of concept scenarios for client consumption
·
· Develop innovative and scalable tools, solutions, and processes to enhance the team's velocity and scale to Payment and Amazon needs
·
· Communicate with senior leadership and technology leaders to prioritize and execute remediation plans
·
· Effectively collaborate in a fast-paced environment with multiple teams in a large organization (threat intelligence, incident response, software development, QA, Project/Release Management, Build and Release, etc.).
Basic Qualifications
· 3+ years of experience in multiple offensive security engineering disciplines (red teaming, penetration testing, fuzz testing, etc.)
· Experience with red team or penetration testing campaigns in large, complex organizations
· Familiar with offensive TTPs (Tactics, Techniques and Procedures) including post-exploitation and lateral movement
Preferred Qualifications
· Excellent communication and data presentation skills that allow you to clearly, compellingly, and effectively influence audiences internally and externally, across organizational boundaries· Security testing tools including Cobalt Strike, C2 infrastructure, Nmap, Burp Suite - Windows, Linux, and MacOS operating systems
· Knowledge of at least one scripting language (Python, Perl, Ruby, etc.)
· Knowledge of Cloud security principles (preferably AWS)
· Strong Network and Application security concepts
Tags: Application security AWS Burp Suite Cloud Cobalt Strike Exploit Incident response Linux MacOS Nmap Offensive security Pentesting Perl Python Red team Ruby Scripting Threat intelligence TTPs Windows
Region:
North America
Country:
United States
Job stats:
34
2
0
Category:
Security Engineering Jobs
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Staff Security Engineer jobs
- Open Information Security Specialist jobs
- Open Senior Security Analyst jobs
- Open Senior Cyber Security Engineer jobs
- Open Security Operations Engineer jobs
- Open Cyber Security Architect jobs
- Open Senior Information Security Analyst jobs
- Open Product Security Engineer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Cyber Security Specialist jobs
- Open Cybersecurity Analyst jobs
- Open Principal Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Cybersecurity Specialist jobs
- Open IT Security Analyst jobs
- Open Security Specialist jobs
- Open Chief Information Security Officer jobs
- Open Security Researcher jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Specialist jobs
- Open Information System Security Officer (ISSO) jobs
- Open Clearance-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open CISM-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open IAM-related jobs
- Open CISA-related jobs
- Open Threat intelligence-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Java-related jobs
- Open Kubernetes-related jobs
- Open EDR-related jobs
- Open Malware-related jobs
- Open APIs-related jobs
- Open IDS-related jobs
- Open Security Clearance-related jobs
- Open CI/CD-related jobs
- Open DevSecOps-related jobs