Senior Security Engineer, Delta Team, Application Security
New York City, USA
Amazon.com
Free shipping on millions of items. Get the best of Shopping and Entertainment with Prime. Enjoy low prices and great deals on the largest selection of everyday essentials and other products, including fashion, home, beauty, electronics, Alexa...As an AppSec engineer, you will collaborate with software development teams to ensure we keep our customers safe while developing these novel services. In a given day, you might be inspecting an application’s code for security issues, building a new framework to help our software developers build faster and more securely, or fine-tuning the design for a new service alongside its software developers.
The ideal candidate combines technical acumen with an ability to lead by influence and communicate clearly. Technically, this person will be a security generalist with one or more areas of deep expertise. In their communication, they will clearly articulate risks to technical and non-technical audiences alike. Interpersonally, successful candidates will effectively harmonize disparate opinions while effectively prioritizing risks to guide their partners towards secure solutions.
Our organization prizes its employees, and we show it through investing in work-life harmony. We have dedicated resources that consistently innovate in reducing on-call time and ensuring the team spend their time on the highest-value tasks. Join the stores AppSec organization to work hard, have fun, and make history!
Key job responsibilities
- Creating, updating, and maintaining threat models for a wide variety of software projects
- Manual and Automated Secure Code Review, primarily in Java, Python and Javascript
- Development of security automation tools
- Adversarial security analysis using cutting-edge tools to augment manual effort
- Security training and outreach for internal development teams
- Security architecture and design guidance
- Lead execution and definition of security strategy for your team
- Mentor and develop teammates both technically and professionally
- Seek out, develop, and advocate for new technology to identify and mitigate complex risks
- Effectively navigate novel situations and problems that do not have a defined solution
About the team
The Delta team was newly chartered to create an enhanced application security program for the most-sensitive applications in Amazon Stores.
This position will have a direct influence in designing and rolling out a program meant to make Stores' critical infrastructure the most secure software in the world.
We are creating the security program of tomorrow today, and we need the best and brightest in the world to do it.
Basic Qualifications
- BS in Computer Science or related field, or equivalent work experience
- Minimum of 5 years of experience with at least three of the following: threat modeling experience, secure coding, identity management and authentication, software development, cryptography, penetration testing, cloud security, mobile security, and network security
- Advanced knowledge and understanding of security engineering, system and network security, authentication and security protocols, cryptography, or application security
- Experience reading and writing in at least one programming language
Preferred Qualifications
- You demonstrate excellent judgement in assessing and prioritizing technical risk
- You have a strong application security background with a focus on scalable solutions
- You have experience building and securing complex AWS architecture
- You have excellent written and verbal communication skills
- You effectively negotiate priorities across teams to achieve challenging goals and security debt reduction
- You have experience creating processes that drive consistent security outcomes
Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit https://www.amazon.jobs/en/disability/us.
Our compensation reflects the cost of labor across several US geographic markets. The base pay for this position ranges from $136,000/year in our lowest geographic market up to $247,600/year in our highest geographic market. Pay is based on a number of factors including market location and may vary depending on job-related knowledge, skills, and experience. Amazon is a total compensation company. Dependent on the position offered, equity, sign-on payments, and other forms of compensation may be provided as part of a total compensation package, in addition to a full range of medical, financial, and/or other benefits. For more information, please visit https://www.aboutamazon.com/workplace/employee-benefits. Applicants should apply via our internal or external career site.
Tags: Application security Automation AWS Cloud Computer Science Cryptography Java JavaScript Machine Learning Mobile security Network security Pentesting Python Security analysis Security strategy Strategy
Perks/benefits: Career development Equity
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Staff Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Product Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Specialist jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Security Researcher jobs
- Open Cybersecurity Specialist jobs
- Open Senior Security Architect jobs
- Open Sr. Security Engineer jobs
- Open IT Security Engineer jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open DevOps-related jobs
- Open Security Clearance-related jobs
- Open IDS-related jobs
- Open EDR-related jobs
- Open Forensics-related jobs
- Open CEH-related jobs
- Open Kubernetes-related jobs