המקום בו המומחים והחברות הטובות ביותר נפגשים
In this role, you will be responsible for implementing and maintaining technical security controls for a multi-cloud infrastructure while maintaining a high security bar that is in line with Amazon InfoSec and industry standard information security frameworks. This role will provide you with an opportunity to work across a broad set of systems and services, and if being in a dynamic multi-cloud environment and experimenting with the newest technologies sounds exciting to you, it will also be a lot of fun.You will be engaging with teams working on exciting new technologies, requiring highly customized security judgment outside of existing IT and security structures. You will be responsible for analyzing the security of applications and services, discovering and addressing security issues, building security automation, and decisively taking action to remediate emerging threats throughout a full secure development life-cycleYou will be partnering with system and software engineers and Amazon InfoSec to raise the security bar through secure design and architecture in a multi-cloud environment. You are a trusted resource on secure development and implementation practices, and work closely with engineers to identify opportunities to improve developer velocity and program efficiency while maintain a high security and privacy bar. You will also lead work-streams to identify and prioritize security problems that can be detected using automation, and develop detection prototypes for security problems to enhance our toolset for static and dynamic analysis.Key job responsibilities
- Shape new services through security review of design, architecture, and implementation
- Champion and implement secure development life-cycle (SDLC) practices including threat modeling and security testing.- Lead and execute security projects (including security reviews, tool development, and creation of new security practices) with end-to-end ownership.
- Surface security improvement opportunities for AWS to senior leadership.- Perform proactive risk assessments to identify threats to IT assets.- Support projects, create SOPs, and serve as an escalation point for information security issues.
- 3+ years of programming in Python, Ruby, Go, Swift, Java, .Net, C++ or similar object oriented language experience
- Bachelor's degree in computer science or equivalent
- Knowledge of networking protocols such as HTTP, DNS and TCP/IP
- 3+ years of any combination of the following: threat modeling experience, secure coding, identity management and authentication, software development, cryptography, system administration and network security experience
- Experience applying threat modeling or other risk identification techniques or equivalent
- Knowledge of system security vulnerabilities and remediation techniques, including penetration testing and the development of exploits or equivalent
- Experience with AWS products and services
משרות נוספות שיכולות לעניין אותך