Amazon is looking for a focused Security Engineer who can take on a leadership role in responding to security issues across the largest cloud provider in the world. The right candidate must thrive in high-pressure situations, think like both an attacker and defender, and drive relevant teams to take the right actions in the right timeframes to mitigate risks.
We are looking for an individual who can balance technical risks against business risks and consistently drive for the right results. They must have the passion for engineering novel solutions to complex security challenges, and recognize and fill gaps in capabilities. The ability to quickly design and build internal-facing tools that enable scaled programmatic automation is a plus.
The successful candidate will have a good mix of deep technical knowledge and a demonstrated background in information security. We value broad and deep technical knowledge, specifically in the fields of cryptography, network security, software security, malware analysis, forensics, security operations, incident response, and emergent security intelligence.
An ideal candidate should be able to accomplish most of the following:
- Confidently and intelligently respond to security incidents, and proactively consider how to prevent the same type of incidents from occurring in the future.
- Design and coordinate cohesive responses to security events that involve multiple teams across the organization.
- Build security utilities and tools for internal use that enable you and your fellow Security Engineers to operate at high speed and wide scale.
- Evaluate the impact to the organization of current security trends, advisories, publications, and academic research. Coordinate responses as necessary across affected teams to do the right thing for our customers and our organization.
- Ability to communicate effectively at multiple levels of sensitivity, and multiple audiences.
- Recognize, adopt and instill the best practices in security engineering fields throughout the organization: development, cryptography, network security, security operations, incident response, security intelligence.
- Provide subject matter expertise on architecture, authentication and system security.
- Fulfill regular on-call responsibilities.
Key job responsibilities
An ideal candidate should be able to accomplish most of the following:
- Triage/assess security issues and engage with internal service teams to ensure timely remediation of issues, escalating internally as necessary to ensure appropriate levels of urgency and engagement.
- Participate in efforts to promote security throughout the Company and build good working relationships within the team and with others across Amazon.
- Demonstrate high capacity and tolerance for extreme context switching and interruptions while remaining productive and effective.
- Develop pragmatic solutions that achieve business requirements while maintaining an acceptable level of risk.
- Mentoring of junior staff and proactively share knowledge sharing within the team and across the company.
- Assist with hiring new employees
- Fulfil regular on-call responsibilities.
A day in the life
AWS Cloud Response is responsible for the security of AWS Cloud services. Our primary focus is to ensure the security of the cloud by working with service teams, vendors, and other stakeholders (both internal and external) to solve security challenges at massive scale, from incident response to emergent patching to helping publish guidance for customer impacting issues. We also work to develop tools and systems, and implement changes to drive automation, scalability and continuous improvements for our organization and AWS as a whole.
About the team
Diverse Experiences
Amazon Security values diverse experiences. Even if you do not meet all of the preferred qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.
Why Amazon Security?
At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon’s products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.
Inclusive Team Culture
In Amazon Security, it’s in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.
Training & Career Growth
We’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.
Work/Life Balance
We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why we strive for flexibility as part of our working culture. When we feel supported in the workplace and at home, there’s nothing we can’t achieve.
- Bachelor's degree in computer science or equivalent
- Knowledge of networking protocols such as HTTP, DNS and TCP/IP
- Experience programming in Python, Ruby, Go, Swift, Java, .Net, C++ or similar object oriented language
- Information security professional certification
- Knowledge of system security vulnerabilities and remediation techniques, including penetration testing and the development of exploits or equivalent
- Experience applying threat modeling or other risk identification techniques or equivalent
- Experience implementing security solutions at the business division level or equivalent
- Experience with AWS products and services
- Experience with any combination of the following: threat modeling, secure coding, identity management and authentication, software development, cryptography, system administration and network security
- Experience with programming languages such as Python, Java, C++
- Experience in cyber security incident response within corporate and cloud environments.
Amazon is an equal opportunities employer. We believe passionately that employing a diverse workforce is central to our success. We make recruiting decisions based on your experience and skills. We value your passion to discover, invent, simplify and build. Protecting your privacy and the security of your data is a longstanding top priority for Amazon. Please consult our Privacy Notice (https://www.amazon.jobs/en/privacy_page) to know more about how we collect, use and transfer the personal data of our candidates.
Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit https://www.amazon.jobs/content/en/how-we-hire/accommodations.