Amazon Sr Security Engineer AppSec - Amazon Stores 

United States, Washington, Seattle 

616159908

harmony. We have dedicated resources that consistently innovate in reducing on-
Key job responsibilities
* Creating, updating, and maintaining threat models for a wide variety of
software projects.
* Manual and Automated Secure Code Review, primarily in Java, Python and
JavaScript.
* Development of security automation tools.
* Adversarial security analysis using cutting-edge tools to augment manual
effort
* Security training and outreach for internal development teams.
* Security architecture and design guidance
* Independently solve security problems that require novel methods or
approaches
* Influence your team’s and partners’ process, priorities, and choices to
improve outcomes
Diverse Experiences
Amazon Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.Training & Career Growth
We’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.Work/Life Balance

- 5+ year's experience as a Security Engineer (such as application security, penetration testing, red teaming, incident response, etc.)
- Advanced knowledge and understanding of security engineering, system and network security, authentication an security protocols, cryptography, or application security.
- Experience reading and writing in at least one programming language
- BS degree in Computer Science, Computer Engineering, Electrical Engineering, similar technology degrees or 8+ years' equivalent technology experience

- CCSP (Certified Cloud Security Professional) or CEH (Certified Ethical Hacker) or CFR (CyberSec First Responder) or Cloud+ or CySA+ (CompTIA Cybersecurity Analyst) or GCED (GIAC Certified Enterprise Defender) or GICSP (Global Industrial Cyber Security Professional) or PenTest+
- 5+ Experience in the Application Security domain
- MS in Computer Science or Cybersecurity
- Development experience in Python and/or Java.
- Secure software development lifecycle experience.
- Knowledge of distributed systems and security protocols.