Are you excited at the prospect of keeping the metadata for AWS customers safe? Are you passionate about the cloud and the systems that support it? Security is the #1 concern in AWS, and if you're excited by security at massive scope, integrated operational and human processes, cloud computing, having significant beneficial customer impact, and securing scalable systems that process massive amounts of data, we want to talk to you!
AWS is looking for a Sr. Security Engineer to ensure that our internal applications and systems that support one of the biggest businesses in AWS are secure. This technical leader will ensure that at the macro and micro level, we insist on the highest standards in order to maintain and enhance customer trust while navigating the nuance of meeting the business needs. You will participate in security audits, risk analysis, vulnerability testing and security reviews. You will dig into the details at the micro level and recommend change, and then be the agent of change at the macro level to senior leadership across a large organization.
A successful candidate will have experience working through high amounts of ambiguity, helping to define security requirements and standards with managers and engineers and incorporating customer feedback. You will identify potential problems before they become real problems, and will build mechanisms that continue to make AWS and it's customers safer. You'll work to change security processes that are reactive to be proactive, and will be the security leader behind a large software development organization
• Lead incident management, response, and change.
• Inventing and simplifying security technology and processes.
• Application security reviews
• Secure architecture design
• Threat modeling
• Identifying security issues and risks, and developing mitigation plans
• Projects and research work as needed
• Security training and outreach to internal development teams
• Security guidance documentation
• Security tool development
• Security metrics delivery and improvements
• Evaluating and recommending new and emerging security products and technologies
• BS in Computer Science or related field, or equivalent work experience
• 5+ years of professional experience with cyber-threat modeling, cloud security, application security, identity and access management, network architecture and systems engineering.
• Experience with programming languages (such as Java, C++, Ruby, Python, Perl) for both tool development and code review.
• Software development, iterative analytic development, life cycle process and best practices
• Broad knowledge of systems architecture, programming languages, operating system principles, networking, and software development best practices.
• Master or PhD in computer science or related technical field.
• Have experience in the development of security products
• Have a clear understanding and experience with AWS cloud computing services and deployment pipelines.
• Demonstrate innovative security approaches in non-traditional IT environments
• Possess self-drive to keep moving things forward even in the face of ambiguity and imperfect knowledge (avoid "analysis paralysis")
Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit https://www.amazon.jobs/en/disability/us.