Senior Security Engineer, Defensive Security Solutions (DSS)
DESCRIPTION
Do you have a knack for creating cyber security tools, and influencing how high scale software applications are built? Is your preferred method of work finding ways to help other security engineers discovery and detect vulnerabilities? Are you interested in shaping Amazon’s tool chain for vulnerability management? Is working in a hybrid software and security role what gets you excited? If so, this is THE AMAZON JOB for you!
The Defensive Security Solutions (DSS) team is seeking a seasoned Senior Security Engineering to work along side other security engineers, and software engineers to create Amazon’s next vulnerability scanning framework. In this role you will be part of net new innovations that will make vulnerability management efficient at Amazon scale. You will report into the head of our vulnerability scanning and visibility charter. In this position you will take the prominent role in shaping the next three years of vulnerability management tool chains.
Key job responsibilities
As a Senior Security Engineer on the DSS team, you will:
- Advise senior leaders, head of scanning and visibility, peer senior software engineers, and vulnerability management stakeholders regarding scanning and detection solutions that cover host and container assets.
- You will perform threat modeling for all DSS Tier-1 solutions, while mentoring peer security engineers on the ways of a security Jedi!
- You will assist Principal Engineers on moving large security project forwards, providing hands on coding, detection, and security analysis contributions as needed.
- Have the opportunity to create technical system designs that meet security engineering team needs, external customer needs, and use the latest creative security solutions.
- Brainstorm and execute ideas that allow for improving security at Amazon. Everything from innovative ways to shift left, to how to deploy machine learning to work through hard problems.
- Contribute early and often to your software teams code packages, feature set, and value propositions. You will work with product managers, technical program managers, and software development managers to bring your solutions to delivery.
- You will support a variety of software and security teams spanning Incident Response, Vulnerability Management, and Remediation.
A day in the life
Most days you will be working across the host, remote, and container scanning teams to help them design Amazon's new scanning architecture. You will be responsible for the security posture, security feature set, and security abilities of those applications.
To achieve your responsibilities you will work hand in hand with a global team of security engineers across the globe, ensuring your team's security solutions meet their needs.
Further, when security events happen you may be paged into to support the software teams in ensuring the systems are up and running to support our security teams.
About the team
The DSS team is a multi-chartered security organization of 64 individuals. DSS handles scanning, data pipelines, security finding management, and internal security productivity (SIEM, SOAR, etc.) tool sets for Incident Response and Vulnerability Management. As a Senior Security Engineer in this team you will have a broad reach to influence support multiple global security organizations.
Diverse Experiences
Amazon Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.
Why Amazon Security
At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon’s products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.
Work/Life Balance
We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why flexible work hours and arrangements are part of our culture. When we feel supported in the workplace and at home, there’s nothing we can’t achieve.
Inclusive Team Culture
In Amazon Security, it’s in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.
Training and Career Growth
We’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.
BASIC QUALIFICATIONS
- Bachelors degree in Computer Science or related technical degree with 5+ years engineering experience in the development of security products and/or system, network, and/or application security. Will consider additional 4 years of related experience in lieu of degree.
- 5 years experience improving accuracy of vulnerability detection mechanisms across a diverse technical ecosystem.
- 5 years experience and deep knowledge of vulnerabilities, exploits and vulnerability management systems
- 5 years experience developing vulnerability assessment tests, tools and exploits in Python, Java, etc
- 3 years experience building applications or systems on cloud-based services.
PREFERRED QUALIFICATIONS
- Experience creating, deploying, and maintaining host and/or container scanning systems.
- Experience in authoring and deploying vulnerability detection solutions.
- Familiar with software best practices, engineering excellence, and system design.
- Able to write production grade Python and Java applications.
Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status.
Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit https://amazon.jobs/content/en/how-we-hire/accommodations for more information. If the country/region you’re applying in isn’t listed, please contact your Recruiting Partner.
Our compensation reflects the cost of labor across several US geographic markets. The base pay for this position ranges from $143,300/year in our lowest geographic market up to $247,600/year in our highest geographic market. Pay is based on a number of factors including market location and may vary depending on job-related knowledge, skills, and experience. Amazon is a total compensation company. Dependent on the position offered, equity, sign-on payments, and other forms of compensation may be provided as part of a total compensation package, in addition to a full range of medical, financial, and/or other benefits. For more information, please visit https://www.aboutamazon.com/workplace/employee-benefits. This position will remain posted until filled. Applicants should apply via our internal or external career site.