Application Security Engineer, Security Enablement for External Environments
POPIS
The Amazon Security Enablement for External Environments (SE3) team is responsible for building tools and performing security reviews focused on ensuring Amazon Builders are operating their 3P vendor software securely. This work centers on identifying and surfacing risks and security issues with internal use of external systems. The AWS Security team works with service teams to design and build secure solutions, participate and coordinate cross-organization security initiatives, and solve security challenges at scale. This is an exciting and visible role – you will directly influence the security postures for acquired products and services. You will regularly interact with world-class engineers and senior leadership, both internally and externally.
The Amazon SE3 team is looking for a Security Engineer to help build and grow security operations and tooling to address both deeply technical and programmatic security issues, as well as emerging new threats. The role requires partnering with the business to define key security risks, implementing actionable plans to achieve remediation of security issues, and diving deep on tactical security aspects of the business in need of extra attention. Security Engineers oversee and influence cross-functional security diligence and integration teams to ensure all relevant security tasks are completed.
You will be able to work autonomously, expected to be a natural problem solver, collaborative, and not fazed by adversity or ambiguity. You should have strong problem-solving skills, excellent communication skills, a deep technical understanding of modern cloud security threats, the ability to influence people from customers to managers thru technical solutions, and the desire to be an individual contributor to securing Amazon's next generation technology.
Key job responsibilities
· Conduct security reviews of internal usage of third-party (3P) vendor software.
· Develop and implement tooling to automatically assess the secure configuration of third-party (3P) vendor software.
· Provide security guidance documentation.
· Work with engineering teams across Amazon to prioritize security issues identified during security review.
· Provide expert advice and consultancy to internal customers on risk assessment, incident triage, threat modeling, and security vulnerability mitigation.
· Implement information security controls and patterns that support risk assessments and the development of secure architectures.
· Collaborate with engineering teams to drive product roadmaps, by providing security requirements that map security controls to service features.
· Address bottlenecks, provide escalation management, anticipate and make tradeoffs, and balance the business needs versus technical constraints.
· Partner with multiple teams across multiple locations with varying sets of priorities to ensure a timely delivery of the secure solutions.
· Clarify and drive project commitments as well as establish and maintain clear chains of accountability.
· Lead internal process improvement projects, including the development and implementation of internal security tools.
· Provide security training and outreach to internal development teams.
· Provide assistance with metrics delivery and improvements.
· Provide assistance with recruiting activities and administrative work.
About the team
About Amazon Security
Diverse Experiences
Amazon Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.
Why Amazon Security?
At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon’s products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores
Inclusive Team Culture
In Amazon Security, it’s in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.
Training & Career Growth
We’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.
Work/Life Balance
We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why flexible work hours and arrangements are part of our culture. When we feel supported in the workplace and at home, there’s nothing we can’t achieve.
ZÁKLADNÍ KVALIFIKACE
- BS in Computer Science or related field, or equivalent work experience
- 3+ years of experience with at least two of the following: threat modeling experience, secure coding, identity management and authentication, software development, cryptography, penetration testing, cloud security, mobile security, and network security
- Experience reading and writing in at least one programming language
PREFEROVANÁ KVALIFIKACE
- You demonstrate excellent judgement in assessing and prioritizing technical risk
- You have a strong application security background with a focus on scalable solutions
- You have experience building and securing complex AWS architecture
- You have excellent written and verbal communication skills
- You work to identify and remove bottlenecks for your teammates, both in process and technology
Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status.
Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit https://amazon.jobs/content/en/how-we-hire/accommodations for more information. If the country/region you’re applying in isn’t listed, please contact your Recruiting Partner.