Job Summary
A Senior Security Engineer in Corporate Services Security (CPSS) will work with software development teams to ensure the security of our customers. This role requires a strong technical background, excellent communication skills, and the ability to lead by influence.
Responsibilities:
* Create, update, and maintain threat models for web applications hosted on cloud platforms.
* Perform manual and automated secure code reviews, primarily in Java, Python, and JavaScript.
* Develop security automation tools.
* Conduct adversarial security analysis using the latest tools.
* Provide security training and outreach for internal development teams.
* Offer security architecture and design guidance to application development teams.
* Solve complex security problems independently.
* Influence team processes, priorities, strategy, and choices using data-driven approaches.
* Provide technical and strategic guidance to senior leaders and stakeholders.
About the Team
Corporate Services Security values diverse experiences and encourages candidates from non-traditional backgrounds to apply.
Why Amazon Security?
At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon's products and services.
Requirements
* Minimum of 8 years of web application security industry experience.
* Intimate knowledge of security engineering, web application security, system and network security, authentication and security protocols, cryptography.
* Experience reading and writing in at least one programming language.
* BS in Computer Science or related field, or equivalent work experience.
* Demonstrated ability of judgement in assessing and prioritizing technical risk.
* Strong application security background with a focus on scalable solutions.
* Experience building and securing complex AWS architecture.
* Proven experience identifying and removing bottlenecks for your teammates.
* Experience securing Finance applications.
* Proven experience shaping the strategy of a Product Security Team.
* Demonstrated experience influencing security strategy across organization.