Security Engineer, Stores Security

Amazon Amazon · Big Tech · Seattle, WA · Systems, Quality, & Security Engineering

Security Engineer role focused on collaborating with software development teams to ensure security of novel services. Responsibilities include threat modeling, secure code review, developing security automation tools, adversarial analysis, security training, and providing architecture guidance. Requires knowledge of system security vulnerabilities, remediation techniques, web protocols, and security technologies. Preferred qualifications include AWS experience and full secure software development lifecycle experience.

What you'd actually do

  1. Creating, updating, and maintaining threat models for a wide variety of software projects
  2. Manual and Automated Secure Code Review, primarily in Java, Python and JavaScript
  3. Development of security automation tools
  4. Adversarial security analysis using modern tools to augment manual effort
  5. Security training and outreach for internal development teams

Skills

Required

  • Knowledge of system security vulnerabilities and remediation techniques, including penetration testing and the development of exploits or equivalent
  • Experience with web protocols, common security attacks, and remediation (non-internship)
  • Experience solving basic problems by writing code or scripts with some assistance
  • Knowledge of security technology and concepts (Authentication, Authorization, Single sign-on, Cryptography, etc.)

Nice to have

  • Experience with AWS services or other cloud offerings
  • Experience developing software code in one or more programming languages (java, python, etc.)
  • Experience in the full secure software development life cycle, including coding standards, code reviews, source control management, build processes, testing, and operations

What the JD emphasized

  • novel methods or approaches