Share
Key job responsibilities
* Help guide the software development lifecycle of devices at Amazon, from security design, threat modeling to code reviews, security testing and fuzzing
* Be responsible for analyzing the security of the platform components of consumer devices
* Propose, research and develop tools and techniques to improve the security posture of devices at scale
* Provide technical security expertise and consultation to device product teams
* Identify security risks and work with product engineers to create mitigations
* Develop new security policies and procedures
* Empower others to improve their security acumen by promoting awareness and developing training materials
- 3+ years of any combination of the following: threat modeling experience, secure coding, identity management and authentication, software development, cryptography, system administration and network security experience
- Bachelor's degree in computer science or equivalent
- Knowledge of networking protocols such as HTTP, DNS and TCP/IP
- Knowledge of system security vulnerabilities and remediation techniques, including penetration testing and the development of exploits or equivalent
- Understanding of OS kernel architecture including device drivers, kernel modules, system call interfaces and privilege management. Experience with security technologies like eBPF for system monitoring, memory analysis tools like Valgrind, and dynamic analysis approaches such as fuzzing and symbolic execution (e.g. KLEE, angr). Knowledge of boot process security and kernel hardening techniques. Code review experience in C/C++.
- Experience with programming languages such as Python, Java, C++
- Knowledge of Android OS internals, fundamentals of common wireless connectivity protocols (e.g. Bluetooth, WiFi, Zigbee, Thread) and hardware security mechanisms
These jobs might be a good fit