The Amazon Web Services (AWS) Proactive Security team continuously works to ensure our services and resources are implemented and maintained to the meet the highest standards of security. Our mission is to prevent security incidences from happening and when they do, we detect and mitigate them in real time.We are looking for a Senior Security Engineer who has a strong passion for security-at-scale. We develop tools and prototypes to automatically detect and prevent security problems in AWS source code, services and resources. Our team deals with immense quantities of resources and we use cutting-edge analysis techniques to solve the most complex security issues at scale.You will use your security expertise to define new tooling domains and building new security focused products within AWS Security. You will collaborate with Builders, Security Analysts and Applied Scientists to drive security improvements. The ideal candidate combines technical acumen with an ability to lead by influence and communicate clearly. Technically, you will be a security generalist with one or more areas of deep expertise. You will communicate risks across the business to both technical and non-technical audiences, and effectively harmonize disparate opinions while reducing risk.Key job responsibilities* Research, identify, and prioritize security problems that can be detected using automation.* Effectively drive conversations with Principal Engineers, Directors and VPs to influence business investments and prioritize risks.* Develop detection prototypes for these security problems to enhance our tool-set for static, dynamic or network analysis. Provide security architecture and design guidance and develop security automation tools.* Work with Builders and service teams to address detected security issues in an appropriate and timely fashion.* Identify opportunities to prevent security issues at scale.* Document and provide security guidance that will be used across AWS services.* Deliver metrics to show effectiveness of our security initiatives.* Mentor and develop teammates both technically and professionally.* Seek out, develop, and advocate for new technology to research, identify, and mitigate complex risks.* Effectively navigate novel situations and problems that do not have a defined solution.A day in the lifeAbout the teamAbout Amazon SecurityDiverse ExperiencesAmazon Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.Why Amazon Security?At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon’s products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.Inclusive Team CultureIn Amazon Security, it’s in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.Training & Career GrowthWe’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.Work/Life BalanceWe value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why flexible work hours and arrangements are part of our culture. When we feel supported in the workplace and at home, there’s nothing we can’t achieve.BASIC QUALIFICATIONS- BS in Computer Science, Information Security or equivalent- Minimum of 5 years of experience with any combination of the following: mobile security, threat modeling experience, secure coding, identity management and authentication, software development, cryptography, system administration and network security- Knowledge and understanding of security engineering, system and network security, authentication and security protocols, cryptography, or application security- An understanding of network and web related protocols (such as, TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols)- Experience with multiple programming languages (such as, Java, C++, Ruby, Python, Perl, etc.)
...