Amazon Security Engineer Devices Services Vulnerability Management 

United States, Texas, Arlington 

890518291

Key job responsibilities
- Developing and tuning custom, open source and third-party high quality automated detection tools (e.g. static analyzers, fuzzers, scanners, etc.) to perform variety of security vulnerability analysis (SAST, DAST, SCA, etc.)
- Reviewing output of automated detection tools for accuracy- Providing actionable long-term risk prioritization and mitigation guidance to drive security improvements at scale
- Proposing mechanisms for integrating security detection tools into the development lifecycle
Amazon Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.In Amazon Security, it’s in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.Training & Career GrowthWe’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.Work/Life Balance

- 3+ years of programming in Python, Ruby, Go, Swift, Java, .Net, C++ or similar object oriented language experience
- Bachelor's degree in computer science or equivalent
- Experience with any combination of the following: threat modeling, secure coding, identity management and authentication, software development, cryptography, system administration and network security

- 2+ years of any combination of the following: threat modeling experience, secure coding, identity management and authentication, software development, cryptography, system administration and network security experience
- Knowledge of system security vulnerabilities and remediation techniques, including penetration testing and the development of exploits or equivalent
- Experience with AWS products and services
- Knowledge of common software security vulnerabilities (memory corruption, privilege escalation, web application exploitation, protocol-based weaknesses, etc.) and analyzing their impact
- Working experience with vulnerability detection tools such as Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST) and Open Source Composition Analysis (SCA)
- Experience with scripting (Python bash, etc.)