Full Time
Senior Security Engineer – Amazon Work From Home Jobs
Job Description
Job Type: Senior Security Engineer from home
Location: New York work from home
Company: Amazon
Responsibilities:
- Conduct security reviews, including those on secure design and architecture, threat modeling, threat assessments, secure code reviews, security testing, and security certifications.
- Find security flaws in services, goods, applications, and third-party as well as internally built solutions
- Determine the importance of the findings while taking the relevant business, technological, and threat environment into consideration.
- For a variety of audiences, including technical and non-technical stakeholders, produce reports that describe the work performed.
- combine oral and written reports to present findings to the appropriate stakeholders. Determine owners and promote mitigation of results while adhering to SLAs
- Record findings and any supporting data, work products, and test results in accordance with the rules and regulations.
- Utilizing scripting or programming languages, create security automation, secure-by-default solutions, and other solutions that will increase developer and security engineering productivity.
- Gain a thorough and in-depth technical understanding of the goods, services, and structures related to the customer service organization.
- Ensure that applications are planned and built securely by contributing to the long-term and short-term security strategy.
- Easily switch between tactical, day-to-day operational execution and broad-based, strategic thinking
- Provide practical long-term and short-term risk mitigation recommendations after reviewing technological solutions to assist mitigate security vulnerabilities.
- Streamline secure software development lifecycle (SSDLC) procedures across many Amazon companies
- Encourage decision-makers and other key players to set a high standard for security.
- Lead security projects with end-to-end ownership Create pertinent paperwork, security guidelines, and metrics to report to your stakeholders and business executives and offer these in a clear, succinct way
- Participate in the on-call rotation and security escalation support
- Analyze and make suggestions about novel and developing security products and technology.
- assistance in recruiting, teambuilding, mentoring, and integrating new team members
- Own and execute security engineering projects and consultations, whether new, ongoing, or sporadic.
- Deliver frank security remedies being the most customer-centric company on the planet. You must be a good person who appreciates being part of a fun team.
Requirements:
BASIC REQUIREMENTS
- An equal professional background, such as a BS in computer science or information security
- 8 or more years of proven experience in systems security, product security, or application security
- A minimum of one scripting or compiled language, such as Java, Python, JavaScript, Go, Ruby, C#, or C/C++, must be easily mastered by the programmer.
- Comprehensive technical knowledge of SANS 25 vulnerability identification and repair, OWASP Top 10 vulnerability identification, and
- A track record of success in threat modeling, code reviews, security testing, vulnerability detection, attacker exploit technique analysis, and strategies for fixing vulnerabilities.
- AWS, Azure, and Google Cloud security experts with a track record
- Excellent communication abilities both in writing and speaking, with the capacity to tailor messages to technical and non-technical audiences at all levels, including senior leadership.
- Ability to drive several technically complicated security initiatives while yet being effective at delivering security guidance to stakeholders. Self-starter who can work independently and deliver results in a fast-paced, highly ambiguous environment.
FAVORABLE QUALIFICATIONS
- A comparable master’s degree in electrical engineering, computer engineering, information security, or computer science
industry-specific credentials from organizations like SANS, GIAC, CISSP, OSCP, etc. - 3+ years of expertise creating software using at least one programming language, such as C#, Java, Python, JavaScript, Go, or Ruby.
- 3+ years of experience in offensive security, red teaming, or penetration testing