Security Engineer II

Description

A Security Engineer focuses on defensive security and the support of vulnerability discovery across assets/services. They play a hands-on role in the proactive identification and remediation of security issues at Amazon. Security Engineers use a variety of tools to analyze and review services to ensure they are built securely. This involves secure source code review, threat modeling, secure system design, understanding of web vulnerabilities, and how to identify and fix them.

Required Skills:

2-3 years’ experience in security foundation      

Vulnerability management on 3-party software

Former software development engineer

Previous penetration tester

Application development experience.

Hands-on management and operation of vulnerability discovery tools and infrastructure.

Vulnerability identification and management.

Customer service and partner with security teams.

Manage relationships and projects with software development teams and security suppliers.

Continuously improve, extend, and automate vulnerability discovery capabilities.

Detail-oriented.

Verbal and written communication skills.

Strong organizational skills, ability to work independently, and maintain professionalism under pressure.

Additional Skills:

Application security fundamentals.

Preferred development languages: Python and Java.

Web application security testing.

A Computer Science or equivalent technical degree and 3-5 years of relevant experience are required.