Sr. Security Engineer, Remediation Team
Seattle, Washington, USA
Amazon.com
Free shipping on millions of items. Get the best of Shopping and Entertainment with Prime. Enjoy low prices and great deals on the largest selection of everyday essentials and other products, including fashion, home, beauty, electronics, Alexa...
Job summary
The Security Remediation Team is seeking a Sr. Engineer to help redefine how we prevent or (auto)remediate newly detected vulnerabilities at time of creation.
Key job responsibilities
In this role you will conduct deep research into the constructs of how systems are built and operated/ managed at amazon, and the usage conditions which result in sources of risk. You will leverage this research to develop requirements to be adopted by core service teams, and/ or develop preventative controls or auto-remedies to compensate for these constructs and conditions.
A day in the life
You will interact with security, service and product teams to tease apart the source and corrective measures for our most systemic, critical vulnerabilities. Your core mission is to better secure our service ecosystem while simultaneously lowering the operational taxation placed on developer teams to achieve and maintain posture improvements.
About the team
The Circuit group within the Remediation team is Amazon InfoSec's vulnerability eradication team. In other organizations this function may be referred to as a SWAT team. We get to play and explore in a wide spectrum of technology domains, including but not limited to cloud security, application security, subsidiary security, core services, and identity and access management. If we're our offensive security teams jobs is becoming harder, we are succeeding.
· 5+ years of progressive experience within a software security team or similar operating environment
· Experience with service-oriented architectures and web services security.
· Well versed in application security, infrastructure security, business risk analysis and making complex business/risk trade-off recommendations and decisions.
· Technical knowledge in at least one security domain such as engineering, system and network security, authentication or security protocols.
· Hands-on knowledge of information security technologies such as security design review, threat modeling, risk analysis, and software testing techniques
· Strong information security risk-based prioritization abilities
· BA/BS in computer science, information security, related discipline, or equivalent work experience
· Ability to make concrete progress in the face of ambiguity and imperfect knowledge
· Sharp analytical abilities and proven design skill
· Experience with cloud service providers and their offerings, preferably and its various technologies and APIs
· Information security professional certifications encouraged (SANS GIAC, CISSP etc.)
Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit https://www.amazon.jobs/en/disability/us.
The Security Remediation Team is seeking a Sr. Engineer to help redefine how we prevent or (auto)remediate newly detected vulnerabilities at time of creation.
Key job responsibilities
In this role you will conduct deep research into the constructs of how systems are built and operated/ managed at amazon, and the usage conditions which result in sources of risk. You will leverage this research to develop requirements to be adopted by core service teams, and/ or develop preventative controls or auto-remedies to compensate for these constructs and conditions.
A day in the life
You will interact with security, service and product teams to tease apart the source and corrective measures for our most systemic, critical vulnerabilities. Your core mission is to better secure our service ecosystem while simultaneously lowering the operational taxation placed on developer teams to achieve and maintain posture improvements.
About the team
The Circuit group within the Remediation team is Amazon InfoSec's vulnerability eradication team. In other organizations this function may be referred to as a SWAT team. We get to play and explore in a wide spectrum of technology domains, including but not limited to cloud security, application security, subsidiary security, core services, and identity and access management. If we're our offensive security teams jobs is becoming harder, we are succeeding.
Basic Qualifications
· 5+ years of progressive experience within a software security team or similar operating environment
· Experience with service-oriented architectures and web services security.
· Well versed in application security, infrastructure security, business risk analysis and making complex business/risk trade-off recommendations and decisions.
· Technical knowledge in at least one security domain such as engineering, system and network security, authentication or security protocols.
· Hands-on knowledge of information security technologies such as security design review, threat modeling, risk analysis, and software testing techniques
· Strong information security risk-based prioritization abilities
· BA/BS in computer science, information security, related discipline, or equivalent work experience
Preferred Qualifications
· 2+ years of software development experience· Ability to make concrete progress in the face of ambiguity and imperfect knowledge
· Sharp analytical abilities and proven design skill
· Experience with cloud service providers and their offerings, preferably and its various technologies and APIs
· Information security professional certifications encouraged (SANS GIAC, CISSP etc.)
Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit https://www.amazon.jobs/en/disability/us.
Tags: APIs Application security CISSP Cloud Computer Science GIAC Network security Offensive security Risk analysis SANS Vulnerabilities
Region:
North America
Country:
United States
Job stats:
3
0
0
Category:
Security Engineering Jobs
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Senior Security Analyst jobs
- Open Information Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Senior Information Security Analyst jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Product Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open IT Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Cybersecurity Analyst jobs
- Open Senior Information Security Engineer jobs
- Open Chief Information Security Officer jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Sr. Security Engineer jobs
- Open Security Researcher jobs
- Open Senior Security Architect jobs
- Open Security Operations Analyst jobs
- Open ISO 27001-related jobs
- Open Clearance-related jobs
- Open Network security-related jobs
- Open Application security-related jobs
- Open Windows-related jobs
- Open Agile-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Malware-related jobs
- Open Kubernetes-related jobs
- Open CI/CD-related jobs
- Open Security Clearance-related jobs
- Open IDS-related jobs
- Open CEH-related jobs
- Open EDR-related jobs