Security Engineer
US, NY, Virtual Location - New York
Amazon.com
Free shipping on millions of items. Get the best of Shopping and Entertainment with Prime. Enjoy low prices and great deals on the largest selection of everyday essentials and other products, including fashion, home, beauty, electronics, Alexa...Are you passionate about managing security at scale? Selling Partner Services is one of Amazon’s fastest growing business with more than 50% of all items currently sold originating from third-party Sellers. Our vision is to offer a secure world-class Customer experience that enables Selling Partner Services and third-party Developers to innovate rapidly on behalf of Sellers, Vendors and Brand Owners.
Selling Partner Service is looking for a self-driven Security Engineer to join our team. We are looking for a self-starter. You will actively contribute to our security strategy and its implementation. You will perform risk assessments, threat modelling, security reviews and vulnerability remediation for SPS systems and consultations and incident response for 3P Developers using Selling Partner APIs. You will design and implement security mechanisms, processes and tools to protect against risks. You will participate in architectural and system design discussions and share your security expertise with technical and business stakeholders across the organization, from engineers to executives. You will collaborate with other security teams and share best practices across the organization.
You will work directly with internal customers to provide security guidance and help resolve security issues.
Security Engineers are unique individuals prepared to relentlessly resolve security issues by gathering and analyzing event data, conducting root-cause analysis and confidently escalating complex events to experienced Security Engineers to protect customer trust. You will assist in the maintenance and configuration of workflows running on AWS technologies like Step functions. You will perform debugging to support platform infrastructure and troubleshoot complex security problems and provide technical details to assess and mitigate risks. You will apply automation to improve our security operations and make them more efficient and profitable. You will manage communications, generate and/or manage trouble tickets (i.e. security findings both logical and physical), interact with security systems and data warehouses that impact AWS data, operations, and/or reputation. You will support technical security campaigns and leverages tools and systems across the AWS Security to query trends, mine databases and system log, and detect anomalies and/or inconsistencies that require mitigating improvements. You need to be successful at multitasking, be self-motivated, and use discretion when dealing with sensitive information. You should also be able to rapidly learn new technologies, consider multiple solutions to problems, and show high levels of judgement when determining risk and impact of security events. An ideal candidate will have a thorough understanding of security operations as context for decision making when taking ownership to solve problems.
Responsibilities:
· Provide first-tier security reviews of security use cases
·
· Implement and review controls to protect Amazon data and systems
·
· Respond to security violations, potential vulnerabilities and alerts from detection systems
·
· Work with software development teams to proactively assess risk, fix security issues, and provide policy guidance
·
· Evangelize security within Amazon and be an advocate for customer trust
·
· Interface with technical teams, stakeholders and leadership teams to translate security risk mitigation plans into actionable items to mitigate risk.
·
· Independently work and support campaign findings, researches mitigations, and analyzes potential security vulnerability related information from a variety of sources to identify patterns and trends.
Amazon is an Equal Opportunity Employer – Minority / Women / Disability / Veteran / Gender Identity / Sexual Orientation / Age.
Basic Qualifications
· BA/BS in a related discipline, or equivalent experience
· Computer Science or Security Engineering degree.
· 2 years of experience in an operational IT role at a large organization
· Familiarity with common network, system and web application attacks and mitigations
· Fundamental knowledge of cloud computing services.
· Expertise in web application, system and network security.
· Experience in designing and implementing software and security tools.
· Experience in penetration testing and vulnerability assessment.
· Capable of communicating effectively verbally and in writing to an executive audience.
Preferred Qualifications
You will bring to the team:· Well-rounded knowledge of multiple Information Security domains
· Good understanding of the OWASP Top 10
· Experience in threat modeling and identification techniques
· Ability to work with developers to resolve security issues
· Experience in code reviews, vulnerability detection, and root cause analysis
· Scripting and automation experience.
· Experience with AWS or other cloud computing platforms.
· Good written and verbal communication skills
· Strong sense of ownership, urgency, and drive.
· Graduate degree in information security or related field
· Security certifications encouraged
Tags: APIs Automation AWS Cloud Computer Science Incident response Network security OWASP Pentesting Scripting Security strategy Strategy Vulnerabilities
Perks/benefits: Team events
Regions:
Remote/Anywhere
North America
Country:
United States
Job stats:
48
6
0
Category:
Security Engineering Jobs
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Staff Security Engineer jobs
- Open Information Security Specialist jobs
- Open Senior Security Analyst jobs
- Open Security Operations Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Senior Information Security Analyst jobs
- Open Product Security Engineer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Cybersecurity Analyst jobs
- Open Cyber Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Specialist jobs
- Open Security Specialist jobs
- Open Chief Information Security Officer jobs
- Open Security Researcher jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Specialist jobs
- Open Information System Security Officer (ISSO) jobs
- Open Agile-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open CISM-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open IAM-related jobs
- Open CISA-related jobs
- Open Threat intelligence-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Java-related jobs
- Open Kubernetes-related jobs
- Open EDR-related jobs
- Open Malware-related jobs
- Open APIs-related jobs
- Open IDS-related jobs
- Open Security Clearance-related jobs
- Open DevSecOps-related jobs
- Open CI/CD-related jobs