Amazon Lab126 is an inventive research and development company that designs and engineers high-profile consumer electronics. Lab126 began in 2004 as a subsidiary of Amazon.com, Inc., originally creating the best-selling Kindle family of products. Since then, we have produced groundbreaking devices like Fire tablets, Fire TV and Amazon Echo. What will you help us create?
The Device OS group at Amazon is responsible for building Amazon Common Software (ACS) for IoT devices as well as Fire OS. ACS for IoT devices is a software stack integrates that enables easy integration of Alexa Voice Services (AVS), Frustration Free Setup (FFS) and AWS IoT Device SDK for Device makers and silicon vendors. Fire OS is used across a wide family of Amazon devices including FireTV, FireTV Edition, Fire Tablets and Echo line of products.
We are looking for a qualified Senior Security Engineers to join our innovative, high energy team. You will be responsible for ensuring our environments and products are secure as, paramount to our success, is ensuring that we maintain customer trust in all we do.
In this role you will:
- Develop a deep understanding of the software stacks, middleware and services pertaining to Device OS organization
- Be the thought leader in defining, developing and deploying innovative self-service qualification tools, test suites and cloud services for customers developing products based on software delivered by Device OS
- Interface with internal/external customers to audit/review/deploy security features
- Research, maintain proficiency on security topics and advise leadership teams in Device OS
- Institutionalize security best practices in software development across teams in Device OS
- Propose and develop training materials to help raise the security bar across the Device OS organization
• B.E. in Computer Science, Information Security, or equivalent professional experience.
• 5+ years of demonstrated experience in areas such as penetration testing, vulnerability assessments, embedded device security, application security, systems security, and/or network security.
• Understanding of threat modeling, security vulnerabilities, attacker exploit techniques, and methods for their remediation.
• Understanding of best practices in security engineering, including secure development, cryptography, network security, security operations, systems security, policy, and/or incident response.
• 10+ years of experience in Security engineering domain.
• Experienced in embedded device software security technology, secure boot, secure elements etc..
• Experienced with AWS services and security concepts.
• Experienced using common penetration testing tools
• Experienced with reverse engineering and hardware hacking.
• Programming experience in C, C++ and/or Java.
• Excellent written and verbal communication skills with the ability to adapt messaging to executive, technical, and non-technical audiences.
• Ability to work in a highly ambiguous environment
• Ability to work with a high degree of autonomy.
• Scripting skills (E.g: Python, Perl, Bash, Ruby, PowerShell, etc.) will be an added advantage