Expoint - all jobs in one place

The point where experts and best companies meet

Limitless High-tech career opportunities - Expoint

Amazon Security Engineer II Ads 
United States, New York, New York 
615340882

17.06.2024
DESCRIPTION

The ideal candidate will have a robust background in security program management, experience in establishing security standards for cross-cloud deployments, and a deep understanding of cloud security, particularly within AWS platforms. You will conduct independent security reviews, oversee penetration tests as necessary, and provide guidance to stakeholders on remediation strategies and best practices for integrating security into their application platforms. Your role will be pivotal in ensuring the protection of customer data and critical infrastructure within the Ads organization.
Key job responsibilities
As a Security Engineer within Amazon’s Ads Security team, you will play a crucial role in ensuring that applications across numerous Ads platforms are designed and executed with the highest security standards to maintain customer trust. You will tackle a diverse array of security challenges, ranging from novel threats in Ads services to selecting and implementing scalable and secure features such as key management solutions and encrypted storage. Additionally, you will serve as a subject matter expert, providing guidance to developers on building secure products and fostering a security-conscious culture within the organization.* Collaborate directly with service and platform owners to advise on security best practices and tool implementation.* Coordinate and oversee penetration testing activities for platforms and tools.
A day in the life
Activities in this role include:
• Identifying security issues and risks, review & approve mitigation plans for Ads products.
• Influencing product teams and senior leadership to implement practices that maintain a high security bar.
• Advising teams developing products on the correct components that deliver security features like key management, authentication, encryption, etc.
• Proposing, collaborating & obtaining buy-in on strategic security initiatives.
• Recommending and developing security-focused tools that help product teams prevent security misconfigurations & vulnerabilities in the design & implementation of features.
• Developing and interpreting security policies and procedures to form security requirements.
• Developing training that promotes general security awareness and informs developers on how to discover & mitigate security vulnerabilities in their products.
• Deciding which new security tooling and strategies should be pursued for scalable security in service development.
• Supporting incident response activities as a security subject matter expert.About the team
Diverse Experiences
Amazon Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.Training & Career Growth
We’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.Work/Life Balance

BASIC QUALIFICATIONS

- Bachelor's degree in computer science or equivalent
- 3+ years of programming in Python, Ruby, Go, Swift, Java, .Net, C++ or similar object oriented language experience
- 5+ years of any combination of the following: threat modeling experience, secure coding, identity management and authentication, software development, cryptography, system administration and network security experience
- Experience implementing security solutions at the business division level or equivalent


PREFERRED QUALIFICATIONS

- Experience with programming languages such as Python, Java, C++
- Experience with AWS products and services
- Experience with service-oriented architecture and web services security
- Detailed knowledge of system security vulnerabilities and remediation techniques, including penetration testing and the development of exploits
- Knowledge of network and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols)