Full Time
Security Engineer – Amazon Jobs
Job Description
Job Type: Security Engineer from home
Location: New York work from home
Company: Amazon
Responsibilities:
- Evaluate and recommend new and emerging security products and technologies.
- Identify security issues and risks, and develop mitigation plans.
- Conduct security risk assessments to identify repeatable work streams and advocate for automation to reduce cycle times and improve efficiency.
- Participate in design discussions and the development of user stories for automation.
- Positively influence Supply Chain Security initiatives.
- Collaborate with engineering teams to develop security tooling.
- Create mechanisms to provide ongoing leadership visibility of the security posture, threats, and risks.
- Establish credibility and maintain strong working relationships with technical groups involved in software supply chain security, including Security Teams, AWS (Amazon Web Services), Legal, Compliance, and the Developer Community.
Requirements:
Basic Qualifications:
- Bachelor’s degree in Computer Science or a related field, or equivalent work experience.
- At least 5 years of experience in application security, threat modeling, secure coding, software development, secure software or system design.
- At least 3 years of experience in a development or security role working with development teams that delivered commercial software or software-based services.
- Advanced knowledge and understanding of security engineering, system and network security, authentication and security protocols, cryptography, or application security.
- Experience with threat modeling or other risk identification techniques.
- Understanding of network and web-related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols).
- Experience with multiple programming languages (e.g., Java, C++, Ruby, Python, Perl, etc.).
Preferred Qualifications:
- Experience with DevOps, Software Build and Deployment systems, Software Composition Analysis.
- Experience with service-oriented architecture and web services security.
- Knowledge of and experience with Software Supply Chain Security, OWASP SCVS, NIST SSDF, SBOMs, Code Signing, and Verification.
- Experience with AWS or similar enterprise cloud computing platforms.
- Demonstrated experience collaborating with other security engineers and developers to deliver complex projects.
- Excellent written and verbal communication skills with the ability to convey technical information to a wide variety of audiences.
- Strong and creative problem-solving abilities.
- Meets/exceeds Amazon’s leadership principles requirements for this role.
- Meets/exceeds Amazon’s functional/technical depth and complexity for this role.