At Amazon, we are obsessed with earning customer trust. The People Experience and Technology (PXT) Security team enables our PXT business leaders to maintain customer trust by keeping HR systems and their underlying employee, contingent worker, applicant, and candidate data secure.
PXT Security’s Defensive Security Team is looking for a passionate, innovative, and results oriented security engineer who has a strong passion for security at scale to help keep Amazon PXT's applications and services secure. This team is responsible for onboarding PXT applications and services to a security log monitoring platform, which helps in detecting unauthorized user behavior, and alerting PXT application teams when potentially abusive behavior is detected. Our team also partners with PXT application teams to remediate weaknesses, and sharpen our software development lifecycle.
In this role, you will be asked to solve complex technology problems, build tools to automate your way out of manual efforts, and influence how PXT services protect, detect, and respond to adversaries, and mitigate security threats to protect HR data. You will be in direct contact with PXT teams across business verticals, giving you first hand knowledge about how Amazon PXT is built and operates. Additionally, you will leverage the knowledge you gain to find new ways to drive improvements to PXT's services, processes, and programs. Further, you will be backed up by a team of highly-skilled security engineers, all working with a singular focus of maintaining our customer’s trust.
A person in this role must show exemplary judgment in making trade-offs between short-term fixes and long-term security and business goals. They must also demonstrate resilience and navigate ambiguous situations with composure and tact. Above all else, a strong sense of customer obsession is necessary to focus on the ultimate goal of keeping Amazon and its customers secure.
Key job responsibilities
* Ensure PXT application owners have enabled security event logging for their applications
* Support PXT application owners to onboard their applications on a log monitoring platform, detect unauthorized user behavior, alert application teams when potentially abusive behavior is detected, and help teams remediate weaknesses
* Develop comprehensive security testing strategies and programs across PXT to provide assurance that security controls are designed and operating effectively
* Develop innovative accelerators, tools, mechanisms, and processes to enhance the security team's velocity and scale to Amazon's needs
* Facilitate multiple stakeholders to agree on appropriate solutions, and verify that risks are mitigated appropriately. Demonstrate creativity, insight, intellectual flexibility, and sound business judgment throughout the process
* Investigate security issues and identify opportunities for detecting or preventing similar issues with automation. Work with development team to ensure that the automatic detection of security issues fits with overall development practices
* Work independently but collaborate with cross-functional teams (e.g., threat intelligence, incident response, software development, QA, Project/Release Management, Build and Release) to provide security engineering consulting and control design recommendations to reduce risk
* Identify and drive new initiatives to expand automatic security analysis to find the critical problems of the present and the future
* Evangelize security across Amazon and be an advocate for customer trust
About the team
The People Experience and Technology (PXT) Security team enables our PXT business leaders to maintain customer trust by keeping HR systems and their underlying employee, contingent worker, applicant, and candidate data secure.
QUALIFICHE DI BASE
* Bachelors Degree in Computer Science or related field, or equivalent work experience
* 4+ years of experience in multiple security engineering disciplines (e.g., security log monitoring, security incident management, threat intelligence, application security, secure software or system design)
* 3+ years of experience in a development or security role, working with development team(s) that delivered commercial software or software-based services
* Deep understanding of security vulnerabilities and remediation techniques
* Technical knowledge across multiple areas of security engineering (e.g., system and network security, authentication and security protocols, cryptography, application security)
* Knowledge of network and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, BGP and other routing protocols)
* Excellent communication and data presentation skills to clearly, compellingly, and effectively influence audiences internally and externally, across organizational boundaries
* Ability to take a project from ideation through launch
* Experience in communicating with users, other technical teams, and management to collect requirements, describe software product features, and technical designs
* Deep knowledge of at least one scripting language (e.g., Python, Perl, Ruby, Shell scripting)
* Knowledge of AWS Cloud Security principles, threat modeling or other risk identification techniques
* Sharp analytical abilities and proven design skills
* Excellent written and verbal communication skills
* Excellent leadership and teamwork skills
* Results oriented, high energy, self-motivated
Amazon is an equal opportunities employer. We believe passionately that employing a diverse workforce is central to our success. We make recruiting decisions based on your experience and skills. We value your passion to discover, invent, simplify and build. Protecting your privacy and the security of your data is a longstanding top priority for Amazon. Please consult our Privacy Notice (https://www.amazon.jobs/en/privacy_page) to know more about how we collect, use and transfer the personal data of our candidates.
Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need an adjustment during the application and hiring process, including support for the interview or onboarding process, please contact the Applicant-Candidate Accommodation Team (ACAT), Monday through Friday from 7:00 am GMT - 4:00 pm GMT. If calling directly from the United Kingdom, please dial +44 800 086 9884 (tel:+448000869884). If calling from Ireland, please dial +353 1800 851 489 (tel:+3531800851489).