You have hundreds of thousands of hosts, hundreds of millions of lines of code, billions of online transactions, and one of the most visited sites on the Internet. Now go secure it. At Amazon, we obsess over our customers, and ensuring our customers’ trust is our first priority. To earn that trust in an environment as vast and varied as Amazon’s and an online world where threats grow ever more sophisticated requires building a world-class information security team to tackle never-before-seen challenges at dizzying scales. You will not just be using cutting-edge technologies here in Amazon; you will be inventing them.
Amazon.com is looking for expert Security Engineers to ensure that our infrastructure is designed and implemented to the high standards required to maintain and enhance customer trust. If you enjoy analyzing networks, system services, operating systems and applications from a security perspective, and you are skilled at discovering security issues that appear under new threat scenarios, this position will provide you with a challenging opportunity. You will participate in the design, build and deployment of security-focused infrastructure as well as provide consultation, architectural review, risk analysis, vulnerability testing and security reviews of many elements of Amazon’s systems.
Responsibilities of this role include:
- Identify security issues and risks, and develop mitigation plans
- Architect, design, implement, support, and evaluate security-focused tools and services including project leadership roles
- Advise and consult with internal customers on risk assessment, threat modeling and fixing vulnerabilities
- Develop and interpret security policies and procedures
- Evaluate and recommend new and emerging security products and technologies
- Mentor junior members of the team
- Develop and deliver training materials and perform general security awareness and specific security technology training
- Consult with our Acquisitions and Vendor Risk assessments team on due diligence assessments
- Participate in security compliance efforts
- Participate in on-call incident response
- Participate in projects that develop new intellectual property
- Participate in tier 2 and tier 3 security escalations support
- Evangelize security within Amazon.com and be an advocate for customer trust