Amazon is continuously innovating new services and features for customers. Amazon Application Security focuses on enabling our builders to provide a secure and trustworthy experience to our customers without compromising the overall customer experience. As a Security Engineer on our team, you will solve interesting security challenges that arise when Amazon invents new technologies.
In this role, you will help build a platform that aims to quickly and automatically identify issues and take corrective actions across Amazon's attack surface. You will be challenged by scale and latency constraints as you build features that delight your users, and you will learn about and integrate with critical systems across Amazon. We believe in experimentation, iterating quickly and getting feedback from our customers and stakeholders.
Responsibilities include (but are not limited to):
Identify security issues and risks, and build mitigation plans
Research and build scalable service fingerprinting techniques and URL crawling
Propose and implement automation for various authentication systems across Amazon and its subsidiaries
Drive improvements of Amazon's overall security architecture
You will bring to the team:
Excellent written and verbal communication skills
Well-rounded knowledge of multiple Information Security domains
Deep technical understanding of the OWASP Top 10
Ability to work with developers to resolve security issues
Experience with URL crawling techniques and automation
Experience in code reviews, vulnerability detection, and root cause analysis
Strong sense of ownership, urgency, and drive
Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit https://www.amazon.jobs/en/disability/us.
BS in Computer Science or related field or equivalent work experience.
3+ years of experience in web application security, secure application design and architecture, threat modeling, secure coding, and cryptography
Minimum of 1 years of experience with one or more programming languages (such as, Java, C++, Ruby, Python, Perl, etc.)
Meets/exceeds Amazon's leadership principles requirements for this role
MS in Computer Science or equivalent work experience.
Development experience in C, C++ and/or Java.
Knowledge of distributed systems and security protocols.
Secure software development lifecycle experience.
Excellent written and verbal communication skills.
Excellent leadership skills and teamwork skills