Security Engineer (SysDev Team), Vulnerability Management
New York City, USA
Amazon.comFree shipping on millions of items. Get the best of Shopping and Entertainment with Prime. Enjoy low prices and great deals on the largest selection of everyday essentials and other products, including fashion, home, beauty, electronics, Alexa...
As a Defensive Security Engineer you will work with our customers to understand their roles, as well as their daily pain points and challenges. You'll then design and implement cutting edge solutions to stream-line and automate Vulnerability Management operations. From building vulnerability assessment tooling, to automating detections and remediation efforts, your work will be essential to the continuing safety and security of Amazon and our Customers.
You will work with other members of our growing team to deep dive problems, investigate approaches, prototype new technology, and evaluate technical feasibility of competing solutions. You will design, implement, and operate high quality distributed vulnerability management systems operating at a globally unrivaled scale.
Key job responsibilities
- Translate Security tasks to technical deliverables
- Advise on Cloud Design patterns
- Assist with implementation of software solutions
- Keep up to date on current security tooling and the evolving threat landscape
- Deep dive systemic security problems, and design approaches to address them
- Work hand in hand with our customers to understand their requirements
- Prototype new projects, then mature them into long term solutions
- Architect high quality horizontally scalable systems, evaluating and documenting technological and operational trade offs
- Create production ready code following best practices with an emphasis on operational excellence.
- Participate in our on weekly call rotation: answer tickets, review alarms, and follow run-books to fix platform problems.
The successful candidate will have sound development and system design knowledge while being able to bridge the gap between our SysDevs and Security Engineers. You will have commiserate development experience with an SDE while also exceling in security competencies.
About the team
We are the development engineering arm of the “Vulnerability Management and Remediation” team. We operate on the front lines, building tools to streamline the assessment of vulnerabilities, ingest hundreds of millions of detections a day, and drive remediation efforts. Our work is mission critical to protect our customers and ensure the continued confidentiality, integrity, and availability of Amazon services world wide.
Our space moves fast, and so do we. We’re passionate about agile processes, and are constantly pushing the envelope when it comes to new technologies and approaches, all while delivering rock solid scalable projects at a globally unrivaled scale. Come join us and make a difference!
We are open to hiring candidates to work out of one of the following locations:
New York, NY, USA
- 3+ years of hands on security or vulnerability management experience
- Strong understanding of core CWEs and compensating controls
- Basic threat modeling knowledge
- 3+ years experience with cloud infrastructure
- 3+ years experience with agile methodologies and iterative development
- 3+ years experience with statically typed or scripting languages
- 3+ years of experience architecting, designing, and implementing new systems
- 2+ years of experience uplifting of existing systems
- 3+ years experience with reusable micro-service architecture
Preferred Qualifications- 3+ years experience with AWS infrastructure and CDK
- 3+ years experience with Python, Java, and TypeScript
- 2+ years experience with Reactjs
- 2+ years experience with NoSQL
- Experience designing and leading implementation of large horizontally scaling applications
Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit https://www.amazon.jobs/en/disability/us.
Our compensation reflects the cost of labor across several US geographic markets. The base pay for this position ranges from $135,500/year in our lowest geographic market up to $212,800/year in our highest geographic market. Pay is based on a number of factors including market location and may vary depending on job-related knowledge, skills, and experience. Amazon is a total compensation company. Dependent on the position offered, equity, sign-on payments, and other forms of compensation may be provided as part of a total compensation package, in addition to a full range of medical, financial, and/or other benefits. For more information, please visit https://www.aboutamazon.com/workplace/employee-benefits. Applicants should apply via our internal or external career site.
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open IT Security Analyst jobs
- Open Senior Information Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Information Security Officer jobs
- Open Security Operations Engineer jobs
- Open Analyste CERT / Incident Responder junior (H/F) jobs
- Open Ingénieur DevSecops H/F jobs
- Open Staff Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Security Architect jobs
- Open Chief Information Security Officer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Analyste CERT / Incident Responder senior (H/F) jobs
- Open o365 Security Architect jobs
- Open Senior Security Analyst jobs
- Open Principal Security Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Staff Product Security Engineer jobs
- Open Electronic Warfare Advanced Tactical Trainer jobs
- Open Product Security Engineer jobs
- Open Security Researcher jobs
- Open Cyber Security Architect jobs
- Open GCP-related jobs
- Open SOC-related jobs
- Open Risk assessment-related jobs
- Open Network security-related jobs
- Open Governance-related jobs
- Open Pentesting-related jobs
- Open ISO 27001-related jobs
- Open Analytics-related jobs
- Open CISM-related jobs
- Open SaaS-related jobs
- Open Threat intelligence-related jobs
- Open IAM-related jobs
- Open Malware-related jobs
- Open Java-related jobs
- Open Security Clearance-related jobs
- Open Vulnerability management-related jobs
- Open CISA-related jobs
- Open DevOps-related jobs
- Open Kubernetes-related jobs
- Open Security assessment-related jobs
- Open Forensics-related jobs
- Open APIs-related jobs
- Open SQL-related jobs
- Open CI/CD-related jobs
- Open EDR-related jobs