The AWS Shield Response team is looking for a Security Engineer with deep expertise in application and network security who is passionate about research, advocacy, and protecting large-scale, production applications.
In this role, you will serve as an application and network security subject matter expert and work directly with AWS customers across industry verticals to protect applications against external threats. You will leverage your deep expertise and understanding of customer use cases to design and implement security policies that protect customers at-scale or address bespoke requirements. You will conduct both routine and reactive security research to improve customer understanding of threats, exposures, and vulnerabilities through external communication like blogs, whitepapers, and presentations. As the threat environment evolves, you will respond with rapid solutions and communication strategies that mitigate risk to customer applications and earn trust with stakeholders at all levels.
• 3+ years of experience in application and network security engineering
Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit https://www.amazon.jobs/en/disability/us.
• Meets/exceeds Amazon's leadership principles requirements for this role
• Meets/exceeds Amazon's functional/technical depth and complexity for this role
• Strong understanding of security vulnerabilities, attacker exploit techniques, and methods for remediation of such
• Experience protecting large-scale applications using Web Application Firewalls (WAFs), network firewalls, and Intrusion Prevention Systems (IPS)
• Experience designing, building or testing web and API-based architectures
• Experience communicating technical concepts to a non-technical audience
• Strong presentation and written English communication skills; high degree of comfort with technical and executive audiences
• Experience scripting in common languages (e.g. Ruby, Python)