Senior Security Engineer

3+ months agoArlington, VA


Amazon People Technology is looking for a Senior Security Engineer to focus on improving our application, system, and infrastructure security. You are obsessed with customer trust. You have breadth and depth of security knowledge and can identify and advise on risks across multiple areas of an organization. You will be solving security challenges at scale and working to help other teams create solutions while developing strong security culture and practices.
You have industry-leading technical abilities and are strong in multiple domains. You work with groups throughout Amazon to help them integrate security at all levels of their projects. You are involved in hands-on security assessments, develop and provide guidance, and advocate security engineering best practices. You proactively and continually improve your level of knowledge about Amazon's business, information security, the threat landscape and relevant technologies.

• Perform security reviews to identify security issues and risks, and develop mitigation plans
• Advise and consult with internal customers on risk assessment, threat modeling, code review, and vulnerability remediation
• Provide expert advice to internal customers on developing secure architectures
• Develop and interpret security policies and procedures
• Evaluate and recommend new and emerging security products and technologies
• Develop and deliver training materials and perform general security awareness and specific security technology training
• Participate in security compliance efforts
• Participate in security escalations support
• Evangelize security within and be an advocate for customer trust


• Bachelor's Degree or MS in Computer Science or related field
• At least 5 years of experience in application, secure software or system design
• At least 3 years of experience in a development or security role working with development team(s) that delivered commercial software or software-based services
• Detailed knowledge of system security vulnerabilities and remediation techniques, including penetration testing and the development of exploits


• Significant experience and detailed technical knowledge in multiple areas of: security engineering, system and network security, authentication and security protocols, cryptography, and application security
• Knowledge of network and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, BGP and other routing protocols)
• Strong scripting skills in one or more of the common languages (e.g., Perl, Python, Ruby, shell scripting)
• Experience with service-oriented architecture and web services security
• Experience with the application of threat modeling or other risk identification techniques
• Experience designing and/or reviewing the security of systems in conjunction with a development team
• Experience in risk identification, secure software design, secure architectures, security testing, or vulnerability detection or remediation
• Sharp analytical abilities and proven design skills
• Excellent written and verbal communication skills
• Excellent leadership skills and teamwork skills
• Results oriented, high energy, self-motivated

Amazon is an Equal Opportunity-Affirmative Action Employer Minority / Female / Disability / Veteran / Gender Identity / Sexual Orientation

Job ID: Amazon-1458708