Expoint - all jobs in one place

The point where experts and best companies meet

Limitless High-tech career opportunities - Expoint

Amazon Sr Security Engineer AppSec - Amazon Stores 
United States, Washington, Seattle 
426747734

16.09.2024
DESCRIPTION


prioritizing risks to guide their partners towards secure solutions.
Key job responsibilities
* Creating, updating, and maintaining threat models for a wide variety of software projects.
* Manual and Automated Secure Code Review, primarily in Java, Python and JavaScript.
* Development of security automation tools.
* Adversarial security analysis using cutting-edge tools to augment manual effort.
* Security training and outreach for internal development teams.
* Security architecture and design guidance.
* Independently solve security problems that require novel methods or approaches.
* Influence your team’s and partners’ process, priorities, and choices to improve outcomes.About the team
About Amazon Security:
Diverse Experiences
Amazon Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.Training & Career Growth
We’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.Work/Life Balance

BASIC QUALIFICATIONS

- Bachelor's degree
- Broad and deep knowledge across application security domains
- 8+ years of Application Security or Development experience
- Experience with the application of threat modeling or other risk identification techniques.
- Scripting skills (e.g., python, java)


PREFERRED QUALIFICATIONS

- CCSP (Certified Cloud Security Professional) or CEH (Certified Ethical Hacker) or CFR (CyberSec First Responder) or Cloud+ or CySA+ (CompTIA Cybersecurity Analyst) or GCED (GIAC Certified Enterprise Defender) or GICSP (Global Industrial Cyber Security Professional) or PenTest+