AWS Security is looking for a Security Engineer to design security controls and help validate that our services, applications, and emerging technologies are designed and implemented to the highest security standards. You will be engaging with teams creating exciting new technologies, requiring highly customized security judgment outside of existing IT and security structures. You will be responsible for analyzing the security of applications and services, discovering and addressing security issues, building security automation, and decisively taking action to remediate emerging threats throughout a full secure development life-cycle (SDLC).
- Create security guidance and documentation for team and customers
- Develop and deliver security training and outreach to internal development teams
- Scope and assist in penetration testing engagements for services that will operate at cloud-scale
- Develop security tools and automation
- Shaping services and software through security review of design, architecture, and implementation
- Secure development life-cycle (SDLC) practices including threat modeling and security testing
- Support for mentoring, team building and recruiting activities in a company where security is a critical priority
- Strongly influence decision-makers and stakeholders to achieve a consistently high security bar for new services
- Opportunities to communicate security findings to senior leadership across the company
- Lead security projects (including security reviews, tool development, and creation of new security practices) with end-to-end ownership across AWS and Amazon initiatives
Qualification & Experience:
- Understands web services, distributed systems, or mobile applications
- Excellent written and verbal communication skills
- Experience with multiple programming languages (such as, Java, C++, Ruby, Python, Perl, etc.)
- Experience implementing or driving security solutions at the business level
- Minimum of 2 years of experience with any combination of the following: mobile security, threat modeling experience, secure coding, identity management and authentication, software development, cryptography, system administration and network security
- Advanced knowledge and understanding of security engineering with command line utilities and/or scripting on at least one computer operating system, such as Linux/Unix or Windows.
- Strong sense of ownership, urgency, and drive
- Hands on experience with IT security (application security, threat modeling, cryptography, penetration testing, etc.
- MS in Computer Science, Information Security or equivalent field.
Vacancy Type: Full Time
Job Location: San Francisco, CA, US
Application Deadline: N/A