Amazon Security Engineer Business Information Risk 

United States, New Jersey, Newark 

547820406

ABOUT THIS ROLE
As a Security Engineer II at Audible you will advocate for information security throughout all our software development and business processes. You will work with other Security Engineers, Application Developers and System Engineers to protect our customers and Audible’s business.
As a Security Engineer, you will...
- Perform third party security risk assessment and due diligence, including managing questionnaire response, evidence verification, and report preparation
- Assess and secure third-party integrations, services, solutions and partnerships, ensuring controls are implemented to the highest security standards
- Assess, identify and develop recommendations regarding data protection, insider threat, data sharing, identity and access management
- Execute internal security and confidential information usage security assessments, audits, and investigations
- Assess and prioritize security assessment findings and recommend appropriate mitigations.
- Respond to security violations, vulnerabilities, and incident detections
- Contribute to / provide feedback on the development of security standards and control requirements
- Strong organizational and communication skills, with a demonstrated ability to work in a multi-tasking dynamic environment while maintaining a high level of ownership and accountabilityABOUT AUDIBLE

- Bachelor's degree in computer science or equivalent
- Experience with AWS products and services
- Experience applying threat modeling or other risk identification techniques or equivalent
- 5+ years of any combination of the following: threat modeling experience, secure coding, identity management and authentication, software development, cryptography, system administration and network security experience
- Experience with the information security principles and the Common Body of Knowledge (CBK) domains and core technologies (CIA, encryption, identity, authN/authZ, SSO, web protocols, and privacy)
- Experience in advocating security best practices for third party integrations (e.g. with SAAS solutions, third-party libraries, etc.)