Amazon Security Engineer Proactive 

United States, Washington, Seattle 

709542704

Key job responsibilities
* Application security reviews (Security architecture reviews, threat modeling, code reviews (Java, C/C++, Python) & security testing)
* Security reviews for Web applications, Cloud infrastructure reviews & IoT devices
* Working closely with product developers across hardware and software teams to incorporate security right from the design phase - throughout the development and deployment cycle
* Security guidance documentation & workflow automation
* Security metrics and process improvements contributions
* Assistance with recruiting activitiesA day in the lifeDiverse Experiences
Amazon Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.Training & Career Growth
We’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.Work/Life Balance

- Bachelor's degree in computer science or equivalent
- 3+ years of security engineering experience (security architecture reviews, threat modeling, code reviews & secure testing etc.), system and network security, authentication, security protocols, cryptography & application security
- Familiarity with common attack patterns and exploitation techniques for IoT devices, web & mobile applications
- Knowledge of commonly found software security vulnerabilities (like OWASP top 10) and remediation techniques
- Knowledge of basic networking and network security related concepts (TCP/UDP, Firewalls/Switches, Wi-Fi security, TLS, etc.)

- Experience in IoT/embedded device security (hardware & firmware security). Prior experience of working with software and hardware development engineers to build secure IoT devices at scale is advantageous for this role
- Experience with Security Engineering and Assurance methodologies e.g. fuzzing, static and dynamic code analysis
- Strong understanding of network and web related protocols (such as, TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols)
- Demonstrable teamwork skills and resourcefulness
- Possess self-drive to keep moving things forward even in the face of ambiguity and imperfect knowledge (avoid “analysis paralysis”)
- Ability to drive multiple technically complex security reviews together while remaining effective at providing security guidance to stakeholders
- Strong sense of ownership, urgency, and ability to drive initiatives with autonomy