Amazon Security Engineer II Identity Access Management 

United States, Texas, Dallas 

881141933

We are seeking a Security Engineer to drive architectural reviews, threat models, develop requirements for corporate IAM adoption efforts, and support Amazon’s Corporate Identity and Access Management initiatives. You will drive programs that improve access management infrastructure across a complex global corporate environment, develop policies and procedures for the identity lifecycle, and provide identity and authN/authZ design review and threat modeling services across the enterprise.Data-driven decisions are important to Amazon. You will draw heavily on your experience collecting, analyzing, and summarizing data to create compelling written and verbal communications to peer teams at all levels.Key job responsibilities- Participate in the analysis, troubleshooting, investigation and remediation of identity security related activities and events.
- Implement and maintain automated security audits to ensure identity workflows adhere to industry standard security requirements.
- Create and maintain scripts to automate the generation of reports across various technologies.A day in the life
* Protecting and securing Amazon authentication and authorization workflows.
* Participate in the analysis, troubleshooting, investigation and remediation of identity security related activities and events.
* Implement and maintain automated security audits to ensure identity workflows adhere to industry standard security requirements.
* Create and maintain scripts to automate the generation of reports across various technologies.* Work with teams on technologies such as Windows Single-Sign-On, Kerberos, FIDO/FIDO2, Passwordless Authentication, AuthZ, AuthN and Auditing.
Diverse Experiences
Amazon Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.Training & Career Growth
We’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.Work/Life Balance

- Minimum 3 years of experience in identity and access management (IAM) programs
- Demonstrable knowledge of current technologies in authentication, federation, and identity management space, such as OAuth 2.0, OpenID Connect, SAML, SCIM, U2F/UAF/FIDO2, HOTP, TOTP
- Familiarity with using biometrics for authentication and managing related privacy considerations
- Familiarity with relevant identity-oriented standards, such as NIST800-63 and GDPR
- 3+ years of security experience with one or more domains in the common body of knowledge (CBK)

- Bachelor's degree
- Knowledge of system security vulnerabilities and remediation techniques, including penetration testing and the development of exploits or equivalent
- Knowledge of networking protocols such as HTTP, DNS and TCP/IP