Application Security Engineer, Physical Stores Security
Irvine, California, USA
Amazon.comFree shipping on millions of items. Get the best of Shopping and Entertainment with Prime. Enjoy low prices and great deals on the largest selection of everyday essentials and other products, including fashion, home, beauty, electronics, Alexa...
Innovation is part of our DNA! We need people who want to join an ambitious program that continues to push the state of the art in computer vision, machine learning, distributed systems and hardware design.
The Role: Everyone on the team needs to be entrepreneurial, wear many hats and work in a highly collaborative environment that's more startup than a big company. We will need to tackle problems that span a variety of domains: real-time, distributed systems, machine learning, image recognition, and computer vision. As a Senior Security Engineer, you will help ensure our devices, applications, services, and systems are designed and implemented to the highest standards and resilient to the modern threats. If you enjoy analyzing the security of systems that span from hardware to cloud services, discovering and addressing security issues and quickly reacting to new threat scenarios, this position will provide you with a challenging opportunity. You will lead in security audits, risk analysis, vulnerability testing and security reviews across all elements of this project's software systems.
You will tackle challenging, novel situations every day and, given the size of this initiative, you will have the opportunity to work with multiple technical teams at Amazon in different locations. You should be comfortable with a high degree of ambiguity and relish the idea of solving problems that haven't been solved at scale before. Along the way, we guarantee that you will learn a ton, have fun and make a positive impact on millions of people.
Key job responsibilities
1. Security Consults
2. Architecture Review
3. Threat Model
4. Automated Code Review
5. Manual Code Review
6. Incident Response Plan Review
7. Security Testing
8. Risk documentation and remediation verification
We are open to hiring candidates to work out of one of the following locations:
Irvine, CA, USA
- Bachelor’s degree in Computer Science or related field or equivalent experience
- 3+ years of Application Security engineering experience
- 3+ years of experience in vulnerability testing and auditing
- -Knowledge of authorization, authentication and encryption protocols and use cases
- Experience working with development team(s) that have delivered commercial software or software-based services
- Knowledge of threat modeling or other risk identification techniques
- Knowledge of system security vulnerabilities and remediation techniques
- Familiarity with common attack patterns and exploitation techniques (OWASP)
- Development experience in Java
- Scripting skills (e.g., Perl, Python shell scripting)
- Knowledge of network and related web protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols)
Preferred Qualifications- Master’s in Computer Science or related field.
- Experience with Security Engineering and Assurance methodologies e.g. fuzzing, static and dynamic code analysis.
- Experience with common attack patterns and exploitation techniques. Ability to write fully functional exploits for common vulnerabilities such as simple stack overflow, cross-site scripting, or SQL injection.
- Experience in using standard Security Assessment and Penetration Testing tools such as BurpSuite, Metasploit, and IDA Pro.Knowledge of technical security issues facing large multinational companies.
Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit https://www.amazon.jobs/en/disability/us.
Pursuant to the Los Angeles Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.
Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.
Our compensation reflects the cost of labor across several US geographic markets. The base pay for this position ranges from $135,500/year in our lowest geographic market up to $212,800/year in our highest geographic market. Pay is based on a number of factors including market location and may vary depending on job-related knowledge, skills, and experience. Amazon is a total compensation company. Dependent on the position offered, equity, sign-on payments, and other forms of compensation may be provided as part of a total compensation package, in addition to a full range of medical, financial, and/or other benefits. For more information, please visit https://www.aboutamazon.com/workplace/employee-benefits. Applicants should apply via our internal or external career site.
Tags: Application security Audits Burp Suite Cloud Code analysis Computer Science Encryption Exploits Incident response Java Machine Learning Metasploit OWASP Pentesting Perl Python Risk analysis Scripting Security assessment SQL SQL injection TCP/IP Vulnerabilities XSS
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open IT Security Analyst jobs
- Open Senior Information Security Analyst jobs
- Open Consultant SOC / CERT H/F jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Senior Information Security Engineer jobs
- Open Information Security Officer jobs
- Open Security Operations Engineer jobs
- Open Analyste CERT / Incident Responder junior (H/F) jobs
- Open Ingénieur DevSecops H/F jobs
- Open Staff Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Security Architect jobs
- Open Chief Information Security Officer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Analyste CERT / Incident Responder senior (H/F) jobs
- Open o365 Security Architect jobs
- Open Senior Security Analyst jobs
- Open Principal Security Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Staff Product Security Engineer jobs
- Open Electronic Warfare Advanced Tactical Trainer jobs
- Open Product Security Engineer jobs
- Open Security Researcher jobs
- Open Cyber Security Architect jobs
- Open GCP-related jobs
- Open SOC-related jobs
- Open Risk assessment-related jobs
- Open Network security-related jobs
- Open Governance-related jobs
- Open Pentesting-related jobs
- Open ISO 27001-related jobs
- Open CISM-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open Threat intelligence-related jobs
- Open IAM-related jobs
- Open Malware-related jobs
- Open Java-related jobs
- Open Security Clearance-related jobs
- Open Vulnerability management-related jobs
- Open CISA-related jobs
- Open DevOps-related jobs
- Open Kubernetes-related jobs
- Open Security assessment-related jobs
- Open Forensics-related jobs
- Open APIs-related jobs
- Open SQL-related jobs
- Open CI/CD-related jobs
- Open EDR-related jobs