Amazon’s Devices & Services Security team is seeking an innovative Security Engineer to join our Vulnerability Management Team. In this position, you will focus on detection, assessment, triage and supporting remediation of vulnerabilities. You will work with a diverse set of tools to support our devices and services vulnerability management capabilities. Your goal will be to deeply understand Amazon’s innovative Devices and Services to enhance our vulnerability management capabilities throughout the Software Development Lifecycle (SDLC). You will partner with development and partner security teams to drive prioritization and remediation of vulnerabilities to help deliver secure products for our customers.

Key job responsibilities
- Developing and tuning custom services to perform a variety of vulnerability management processes
- Reviewing output of automated detection tools for accuracy
- Analyze public and private vulnerability disclosures to analyze impact on Amazon Devices and Services
- Providing actionable long-term risk prioritization and mitigation guidance to drive security improvements at scale
- Proposing mechanisms for integrating tooling into the development lifecycle
- Collaborate with partners across Amazon to develop scalable solutions to security problems

BASIC QUALIFICATIONS

- 3+ years hands-on experience in Vulnerability Management and/or Application Security teams
- 3+ years experience with scripting languages (Python, bash, etc.)
- Experience with any combination of the following: threat modeling, secure coding, identity management and authentication, software development, cryptography, system administration and network security
- Bachelor’s degree in CS, CE, or related field, or equivalent work experience

PREFERRED QUALIFICATIONS

- 3+ years of any combination of the following: threat modeling experience, secure coding, identity management and authentication, software development, cryptography, system administration and network security experience
- Experience with AWS products and services
- 3+ years of programming in Python, Ruby, Go, Swift, Java, .Net, C++ or similar object oriented language experience
- Knowledge of current security threats, trends, and mitigations

Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit https://www.amazon.jobs/en/disability/us.

Los Angeles County applicants: Job duties for this position include: work safely and cooperatively with other employees, supervisors, and staff; adhere to standards of excellence despite stressful conditions; communicate effectively and respectfully with employees, supervisors, and staff to ensure exceptional customer service; and follow all federal, state, and local laws and Company policies. Criminal history may have a direct, adverse, and negative relationship with some of the material job duties of this position. These include the duties and responsibilities listed above, as well as the abilities to adhere to company policies, exercise sound judgment, effectively manage stress and work safely and respectfully with others, exhibit trustworthiness and professionalism, and safeguard business operations and the Company’s reputation. Pursuant to the Los Angeles County Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.

Our compensation reflects the cost of labor across several US geographic markets. The base pay for this position ranges from $136,000/year in our lowest geographic market up to $212,800/year in our highest geographic market. Pay is based on a number of factors including market location and may vary depending on job-related knowledge, skills, and experience. Amazon is a total compensation company. Dependent on the position offered, equity, sign-on payments, and other forms of compensation may be provided as part of a total compensation package, in addition to a full range of medical, financial, and/or other benefits. For more information, please visit https://www.aboutamazon.com/workplace/employee-benefits. This position will remain posted until filled. Applicants should apply via our internal or external career site.