Amazon Offensive Security Engineer AWS Bug Bounty 

United States, Texas, Arlington 

312956035

The primary responsibility of this role is to leverage your experience and internal knowledge of AWS systems to effectively triage a diverse set of incoming reports which can pertain to any of AWS's 200+ services. As part of this role you will act as the escalation point for fellow members of the team and are expected to be an experienced pen-tester. Technical dive deep and curiosity are a way of life on this team in order to establish the true severity of a report and what defense in depth mechanisms need to happen beyond just an immediate patch.Automation is the key to scaling and innovation at AWS and in this role you will own writing automation to reduce the load on humans; everything from developing ticketing, reporting and trend identification automation.This role will provide you with challenging opportunities, both technologically and as a leader to grow AWS’s Bug Bounty Program into the best on planet Earth.Key job responsibilities
- Researching, reproducing, and responding to security vulnerabilities reported through the bug bounty program
- Technical Escalation
- Managing relationships with external security researchers working with AWS's bug bounty program
- Perform deep analysis of new vulnerability classes- Influencing and driving program direction
- Identify and drive resolution of vulnerability trends
- Attend industry conferences and assist in hosting on site hack-a-thons and other researcher engagement activitiesA day in the lifeDiverse Experiences
Amazon Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.Training & Career Growth
We’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.Work/Life Balance

- 3+ years of programming in Python, Ruby, Go, Swift, Java, .Net, C++ or similar object oriented language experience
- Bachelor's degree in computer science or equivalent
- Knowledge of networking protocols such as HTTP, DNS and TCP/IP

- 2+ years of any combination of the following: threat modeling experience, secure coding, identity management and authentication, software development, cryptography, system administration and network security experience
- Experience with AWS products and services
- Experience with programming languages such as Python, Java, C++