Senior Security Engineer – Amazon Jobs
Job Description
Job Type: Senior Security Engineer home
Location: Texas work from home
Company: Amazon
A skilled and seasoned Senior Applications Security Engineer is needed by Amazon to concentrate on protecting the ecosystem that underpins Amazon Customer Service (CS). One of the biggest customer service companies in the world is called CS. Tens of thousands of Customer Service Associates work for our company’s global operations, providing top-notch customer service to clients in more than 15 languages (and expanding) around the clock.
You will have the ability to solve complex security issues on a global scale in this position. You will assist in defining the short- and long-term security strategies as a senior security engineer. You’ll divide your time and energy between operational and strategic deliverables. You will have the chance to collaborate with talented technical teams at Amazon to guarantee that apps are created safely. You are passionate about identifying and reducing vulnerabilities and risks by offering concrete advice to product teams and promoting long-term security improvements because you care profoundly about keeping Amazon customers safe. You are highly renowned for both your exceptional prioritization abilities and your capacity for both technical and non-technical communication at all levels of an organization. The ideal candidate must be self-sufficient, at ease in highly confusing circumstances, and capable of producing outcomes quickly.
Responsibilities:
- Conduct security reviews, including those on secure design and architecture, threat modeling, threat assessments, secure code reviews, security testing, and security certifications.
- Find security flaws in services, goods, applications, and third-party as well as internally built solutions
- Determine the importance of the findings while taking the relevant business, technological, and threat environment into consideration.
- For a variety of audiences, including technical and non-technical stakeholders, produce reports that describe the work performed.
- Combine oral and written reports to present findings to the appropriate stakeholders. Determine owners and promote mitigation of results while adhering to SLAs
- Record findings and any supporting data, work products, and test results in accordance with the rules and regulations.
- Utilizing scripting or programming languages, create security automation, secure-by-default solutions, and other solutions that will increase developer and security engineering productivity.
- Gain a thorough and in-depth technical understanding of the goods, services, and structures related to the customer service organization.
- Ensure that applications are planned and built securely by contributing to the long-term and short-term security strategy.
- Easily switch between tactical, day-to-day operational execution and broad-based, strategic thinking
- Provide practical long-term and short-term risk mitigation recommendations after reviewing technological solutions to assist mitigate security vulnerabilities.
- Streamline secure software development lifecycle (SSDLC) procedures across many Amazon companies
- Encourage decision-makers and other key players to set a high standard for security.
- Lead security projects with end-to-end ownership Create pertinent paperwork, security guidelines, and metrics to report to your stakeholders and business executives and offer these in a clear, succinct way
- Participate in the on-call rotation and security escalation support
- Analyze and make suggestions about novel and developing security products and technology.
- assistance in recruiting, teambuilding, mentoring, and integrating new team members
- Own and execute security engineering projects and consultations, whether new, ongoing, or sporadic.
- Provide the best customer-centric security solutions on the planet. You must be a good person who appreciates working in a fun team.
Requirements:
BASIC REQUIREMENTS
- 8+ years of experience in application security, product security, or systems security • 5+ years of experience writing production-level code in at least one scripting or compiled language, such as Java, Python, JavaScript, Go, Ruby, C#, or C/C++ • A BS in computer science, information security, or equivalent professional experience a track record of success in threat modeling, code reviews, security testing, vulnerability detection, attacker exploit technique analysis, and strategies for fixing vulnerabilities.
- Experience protecting cloud services like AWS, Azure, and Google Cloud for five years or more
FAVORABLE QUALIFICATIONS
A master’s degree in computer science, information security, computer engineering, electrical engineering, or a related field is required. Relevant industry certifications from SANS, GIAC, CISSP, OSCP, etc. are also required. Three or more years of experience developing software in at least one programming language, such as Java, Python, JavaScript, Go, Ruby, C#, or C/C++ are also required. Three or more years of experience in penetration testing, offensive security, or red teaming are also required. Excellent verbal and writing communication abilities, including the capacity to tailor messages to audiences at all levels, including senior leadership, who are both technically proficient and not; Experience leading several technically challenging security initiatives while remaining effective at providing security advise to stakeholders. History of working autonomously and producing outcomes in a fast-paced, highly ambiguous workplace.