Security Engineer, Large-Scale Risk – Corporate Services Security
Description
We are open to hiring candidates to work out of one of the following locations:
Seattle, WA, USA
Arlington, VA, USA
At Amazon, we are laser-focused on earning and maintaining customer trust. The Corporate Services Security team (CPSS) protects critical business services that our employees use to deliver the best products and services on planet earth.
Our Large-Scale Risk Reduction team (LSR) is looking for an innovative and impact-driven security engineer who has a strong passion for security at scale. The team secures the business by identifying systemic risk plaguing our corporate builder teams and building scalable solutions that lead to lasting change across the company.
A security engineer in this role will operate across multiple Amazon Security teams and will leverage their diverse and deep expertise to drive strategic risk reduction with business leaders at the highest levels. You will work with Product Security teams, Red teams, and Blue teams to identify patterns and root-cause, develop solutions with Amazon builder teams, and implement complex technical projects at Amazon scale.
Key job responsibilities
• Work with Product Security teams, Red teams, and Defensive teams to identify systemic issues across the enterprise
• Partner with builder teams to understand the challenges they face, and root-cause issues using multiple perspectives
• Write compelling narratives for stakeholders to consume and understand risk and impact
• Write crisp executive summaries for presentation to stakeholders and executives
• Develop innovative accelerators, tools, and mechanisms to develop solutions for complex issues
• Facilitate forums with principal engineers to drive consensus on appropriate solutions
• Develop and propose solutions to solve complex security problems at-scale
About The Team
Diverse Experiences
Amazon Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.
Why Amazon Security?
At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon’s products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores
Inclusive Team Culture
In Amazon Security, it’s in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.
Training & Career Growth
We’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.
Work/Life Balance
We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why flexible work hours and arrangements are part of our culture. When we feel supported in the workplace and at home, there’s nothing we can’t achieve.
Basic Qualifications
• 6+ years of experience in two or more of the following security domains: Pentesting, Red Teaming, Security Architecture, Data Analytics, SDLC, and/or Application Security
• 3+ years of experience with AWS technologies and services
• Experience driving deep dive campaigns in large, complex organizations
• Demonstrated proficiency with Python, C/C++, Lua, Golang, or Rust.
Preferred Qualifications
• Experience as a software or devops engineer, or security engineer, working with developer teams that delivered commercial software or services
• Threat modeling experience with proficiency in cloud security architecture best practices
• Proficient in secure code review
• Threat hunting and/or detection engineering with experience in automation and orchestration
• Proficient with effective, if not scrappy, scripting
• Published CVEs, offensive/defensive tools, or articles
• GIAC Defensible Security Architecture (GDSA), OSCP, OSCE3, OSWE, or similar
Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status, disability, or other legally protected status.
Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit https://amazon.jobs/content/en/how-we-hire/accommodations for more information. If the country/region you’re applying in isn’t listed, please contact your Recruiting Partner.
Our compensation reflects the cost of labor across several US geographic markets. The base pay for this position ranges from $136,000/year in our lowest geographic market up to $212,800/year in our highest geographic market. Pay is based on a number of factors including market location and may vary depending on job-related knowledge, skills, and experience. Amazon is a total compensation company. Dependent on the position offered, equity, sign-on payments, and other forms of compensation may be provided as part of a total compensation package, in addition to a full range of medical, financial, and/or other benefits. For more information, please visit https://www.aboutamazon.com/workplace/employee-benefits. This position will remain posted until filled. Applicants should apply via our internal or external career site.
Company - Amazon.com Services LLC
Job ID: A2994299
Apply Now
We are open to hiring candidates to work out of one of the following locations:
Seattle, WA, USA
Arlington, VA, USA
At Amazon, we are laser-focused on earning and maintaining customer trust. The Corporate Services Security team (CPSS) protects critical business services that our employees use to deliver the best products and services on planet earth.
Our Large-Scale Risk Reduction team (LSR) is looking for an innovative and impact-driven security engineer who has a strong passion for security at scale. The team secures the business by identifying systemic risk plaguing our corporate builder teams and building scalable solutions that lead to lasting change across the company.
A security engineer in this role will operate across multiple Amazon Security teams and will leverage their diverse and deep expertise to drive strategic risk reduction with business leaders at the highest levels. You will work with Product Security teams, Red teams, and Blue teams to identify patterns and root-cause, develop solutions with Amazon builder teams, and implement complex technical projects at Amazon scale.
Key job responsibilities
• Work with Product Security teams, Red teams, and Defensive teams to identify systemic issues across the enterprise
• Partner with builder teams to understand the challenges they face, and root-cause issues using multiple perspectives
• Write compelling narratives for stakeholders to consume and understand risk and impact
• Write crisp executive summaries for presentation to stakeholders and executives
• Develop innovative accelerators, tools, and mechanisms to develop solutions for complex issues
• Facilitate forums with principal engineers to drive consensus on appropriate solutions
• Develop and propose solutions to solve complex security problems at-scale
About The Team
Diverse Experiences
Amazon Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.
Why Amazon Security?
At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon’s products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores
Inclusive Team Culture
In Amazon Security, it’s in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.
Training & Career Growth
We’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.
Work/Life Balance
We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why flexible work hours and arrangements are part of our culture. When we feel supported in the workplace and at home, there’s nothing we can’t achieve.
Basic Qualifications
• 6+ years of experience in two or more of the following security domains: Pentesting, Red Teaming, Security Architecture, Data Analytics, SDLC, and/or Application Security
• 3+ years of experience with AWS technologies and services
• Experience driving deep dive campaigns in large, complex organizations
• Demonstrated proficiency with Python, C/C++, Lua, Golang, or Rust.
Preferred Qualifications
• Experience as a software or devops engineer, or security engineer, working with developer teams that delivered commercial software or services
• Threat modeling experience with proficiency in cloud security architecture best practices
• Proficient in secure code review
• Threat hunting and/or detection engineering with experience in automation and orchestration
• Proficient with effective, if not scrappy, scripting
• Published CVEs, offensive/defensive tools, or articles
• GIAC Defensible Security Architecture (GDSA), OSCP, OSCE3, OSWE, or similar
Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status, disability, or other legally protected status.
Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit https://amazon.jobs/content/en/how-we-hire/accommodations for more information. If the country/region you’re applying in isn’t listed, please contact your Recruiting Partner.
Our compensation reflects the cost of labor across several US geographic markets. The base pay for this position ranges from $136,000/year in our lowest geographic market up to $212,800/year in our highest geographic market. Pay is based on a number of factors including market location and may vary depending on job-related knowledge, skills, and experience. Amazon is a total compensation company. Dependent on the position offered, equity, sign-on payments, and other forms of compensation may be provided as part of a total compensation package, in addition to a full range of medical, financial, and/or other benefits. For more information, please visit https://www.aboutamazon.com/workplace/employee-benefits. This position will remain posted until filled. Applicants should apply via our internal or external career site.
Company - Amazon.com Services LLC
Job ID: A2994299
Apply Now