Amazon Security Engineer II Alexa Fire TV 

United States, Washington, Seattle 

327321035

In this role you provide guidance to the Alexa and Fire TV business and engineering teams on how to protect our customers and their data. You'll participate in feature and product designs, review new and existing services, and help engineering teams mitigate the risks. You'll also contribute to developing detection tools and promote security automation. Your goal is to discover the risks early, when they're easier and cheaper to address, automating this discovery and mitigation whenever possible.Key job responsibilities
* Develop a relationship with the business teams to understand their products, the risks, and the mitigations that support their goals.
* Learn and teach the security policies, best practices and paved paths.
* Review application architectures. The environment will typically be a Linux-based OS running on AWS, though sometimes on a device.
* Develop threat models
* Review security controls in code and cloud configurations
* Assist teams with mitigations through documentation and proof of concept demonstrations in code and configurations.
* Assist in developing automated detection software for both pre-launch and post-launch risks.
* Assist in gathering metrics on the effectiveness of our security workA day in the life
Whether you work in the Seattle area or Sunnyvale, you'll have other security engineers around to collaborate with on novel risks and to brainstorm fixes.You'll regularly meet with the product engineering teams to learn about their work and to help them adopt security best practices.

- 3+ years of programming in Python, Ruby, Go, Swift, Java, .Net, C++ or similar object oriented language experience
- Bachelor's degree in computer science or equivalent
- Knowledge of networking protocols such as HTTP, DNS and TCP/IP

- 2+ years of any combination of the following: threat modeling experience, secure coding, identity management and authentication, software development, cryptography, system administration and network security experience
- Experience with AWS products and services
- Experience with programming languages such as Python, Java, C++
- Knowledge of system security vulnerabilities and remediation techniques, including penetration testing and the development of exploits or equivalent
- Experience with streaming protocols, including STUN, TURN, RTSP, RTMP, HLS, WebRTC, MQTT, and WebSockets
- Experience with Android OS security controls.