Security Engineer, Amazon

• If you enjoy working at scale in a rapidly changing environment and influencing the protection of our customers within a large global organization, this position will provide you with a challenging opportunity
• The ideal candidate combines technical acumen with an ability to lead by influence and communicate clearly. Technically, this person will be a security generalist with two or more areas of deep expertise.
• In their communication, they will clearly articulate risks to technical and non-technical audiences alike.
• Interpersonally, successful candidates will effectively harmonize disparate opinions while effectively prioritizing risks to guide their partners towards secure solutions
• Bachelor's degree in computer science or equivalent
• 5+ years of relevant Information Security experience
• Minimum of 3 years of experience with at least two of the following: threat modeling experience, secure coding, identity management and authentication, software development, cryptography, penetration testing, cloud security, mobile security, and network security
• Intermediate knowledge and understanding of security engineering, system and network security, authentication and security protocols, cryptography, or application security
• Ability to discover and communicate deep technical issues in terms of business risk with subject matter specialists, non-experts and senior leaders

Desirable

• The Third Party Security (TPS) team looking for a highly motivated Security Engineer. TPS is responsible for managing security risks of using third parties and third party products which get access to Amazon’s data.
• TPS helps with security risk reduction, by identifying required security measures, helping determine acceptable methods of meeting security control objectives including application of compensating controls or other risk-reduction activities.
• As a Security Engineer, you will collaborate with business teams, software development teams, security engineering teams and Third Parties to identify security risks and lower security risks to an acceptable level.
• In this role you may contribute by conducting security deep-dives, consulting on securing integrations of third party products with Amazon services, advising on security configurations, building mechanisms to identify and monitor usage of third parties by Amazon, and improving existing capabilities of the TPS team
• Independently solving security problems that require novel methods or approaches
• Developing security architecture and design guidance
• Leading security projects (including security reviews, and creation of new security practices) with end-to-end ownership
• Developing of prototypes of security automation tools
• Creating, updating, and maintaining threat models for a wide variety of use cases
• Acting as technical subject matter expert on risk-based security reviews and assessments
• Collecting/reviewing data from multiple sources to take a security decision
• Communicating security findings to senior leadership and other stakeholders
• Serving as an advisor on security issues for business teams
• Influencing your team’s and partners’ process, priorities, and choices to improve outcomes
• Building, evolving, and improving sustainable processes and measurement systems to ensure delivery on security goals

Amazon is the world's largest online retailer, and is well-known for its disruption of well-established industries. The company is present in numerous verticals, including cloud computing with Amazon Web Services, AI with its range of Alexa devices and a global marketplace more commonly referred to as 'the everything store'. Acquisitions include Ring, Twitch, Whole Foods Market, and IMDb.