Security Engineer II, Application Security, Customer Logistics Security
DESCRIPTION
Come work for a cybersecurity leader who cares about work-life harmony and having meaningful work. We’re a fun and passionate team that invents novel ways to identify or reduce risk at scale.
Our Application Security team is seeking a Security Engineer to embed security early in the software development life cycle (SDLC), ensuring vulnerabilities are identified and addressed swiftly and at scale. You will deliver high-quality and scalable application security solutions. You will contribute to the design, implementation, and maintenance of security measures that protect our applications. You will collaborate with cross-functional teams to execute security processes, contribute to security assessments, and support the secure development lifecycle. This is an exciting opportunity to grow your career in application security and learn from more senior engineers.
Our team supports the application security of fulfillment centers, transportation between fulfillment centers, customer delivery, and grocery stores.
Key job responsibilities
• Contribute to the development of security tools, frameworks, and documentation to streamline security operations.
• Help to identify use cases that support security detection automation to allow us scale security identification.
• Review application security architecture and designs to ensure teams are using the best security paved paths (secure by default solution) and reducing threats.
• Provide skilled advice and consultancy to resolve security findings with internal development teams to help influence ensuring security meets or even exceeds the bar.
• Collaborate with product and development teams to integrate security into the software development lifecycle (SDLC) and ensure secure code delivery.
• Help to build use cases or tools supporting automation to scale security identification, security prevention, or improve processes.
• Coach and mentor junior security engineers, helping them develop their skills and improve the team’s overall security practices.
About the team
Our mission is to embed security early in the software development lifecycle, ensuring vulnerabilities are identified and addressed swiftly.
Our vision is to create a secure development environment where security is seamlessly integrated, enabling our stakeholders to innovate with confidence, knowing their apps are resilient against threats by design.
ABOUT AmSec:
Diverse Experiences
Amazon Security values diverse experiences. Even if you do not meet all of the preferred qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.
Why Amazon Security
At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon’s products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.
Work/Life Balance
We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why we strive for flexibility as part of our working culture. When we feel supported in the workplace and at home, there’s nothing we can’t achieve.
Inclusive Team Culture
In Amazon Security, it’s in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.
Training and Career growth
We’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.
BASIC QUALIFICATIONS
- 3+ years of any combination of the following: threat modeling experience, secure coding, identity management and authentication, software development, cryptography, system administration and network security experience
- Knowledge of system security vulnerabilities and remediation techniques, including penetration testing and the development of exploits or equivalent
- Experience programming in Python, Ruby, Go, Swift, Java, .Net, C++ or similar object oriented language
PREFERRED QUALIFICATIONS
- CCSP (Certified Cloud Security Professional) or CEH (Certified Ethical Hacker) or CFR (CyberSec First Responder) or Cloud+ or CySA+ (CompTIA Cybersecurity Analyst) or GCED (GIAC Certified Enterprise Defender) or GICSP (Global Industrial Cyber Security Professional) or PenTest+, or Information security professional certification
- Bachelor's degree in computer science or equivalent
- Experience implementing security solutions at the business division level or equivalent
- Good written and verbal communication skills with the ability to present technical information in a clear and concise manner to a variety of technical and non-technical audiences.
Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit https://www.amazon.jobs/en/disability/us.
Our compensation reflects the cost of labor across several US geographic markets. The base pay for this position ranges from $136,000/year in our lowest geographic market up to $212,800/year in our highest geographic market. Pay is based on a number of factors including market location and may vary depending on job-related knowledge, skills, and experience. Amazon is a total compensation company. Dependent on the position offered, equity, sign-on payments, and other forms of compensation may be provided as part of a total compensation package, in addition to a full range of medical, financial, and/or other benefits. For more information, please visit https://www.aboutamazon.com/workplace/employee-benefits. This position will remain posted until filled. Applicants should apply via our internal or external career site.