Amazon Application Security Engineer Enablement External Environments 

United States, Virginia 

578160626

Key job responsibilities
· Conduct security reviews of internal usage of third-party (3P) vendor software.
· Develop and implement tooling to automatically assess the secure configuration of third-party (3P) vendor software.
· Provide security guidance documentation.
· Work with engineering teams across Amazon to prioritize security issues identified during security review.
· Provide expert advice and consultancy to internal customers on risk assessment, incident triage, threat modeling, and security vulnerability mitigation.
· Implement information security controls and patterns that support risk assessments and the development of secure architectures.
· Collaborate with engineering teams to drive product roadmaps, by providing security requirements that map security controls to service features.
· Address bottlenecks, provide escalation management, anticipate and make tradeoffs, and balance the business needs versus technical constraints.
· Partner with multiple teams across multiple locations with varying sets of priorities to ensure a timely delivery of the secure solutions.
· Clarify and drive project commitments as well as establish and maintain clear chains of accountability.
· Lead internal process improvement projects, including the development and implementation of internal security tools.
· Provide security training and outreach to internal development teams.
· Provide assistance with metrics delivery and improvements.
· Provide assistance with recruiting activities and administrative work.
Diverse Experiences
Amazon Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.Training & Career Growth
We’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.Work/Life Balance

- BS in Computer Science or related field, or equivalent work experience
- 3+ years of experience with at least two of the following: threat modeling experience, secure coding, identity management and authentication, software development, cryptography, penetration testing, cloud security, mobile security, and network security
- Experience reading and writing in at least one programming language