Amazon Security Engineer AWS Vulnerability Management 

United States, Kansas 

964778859

As a Security Engineer, you will interpret and triage vulnerability disclosures, collaborate with AWS experts on technical solutions, and drive remediation activities across AWS’s vast scale. Your role will involve reviewing and assessing patching requests, diving deep into potential risks, and leveraging your vulnerability management expertise. You'll work closely with service team engineers to understand architectural mitigations and compensating controls, and you'll partner with senior security engineers to review and approve requests.Your impact will be critical in helping AWS maintain top-tier security by balancing risk and service delivery. You'll focus on identifying security trends, enhancing security visibility, and recommending improvements to our security posture.Key job responsibilities
- Establishing a risk-based approach to vulnerabilities
- Standardizing workflows to streamline remediation efforts
- Providing guidance on compensating controls- Authoring risk assessment statements, remediation guidance, audit responses, and status reports- Developing tooling to automate and refine vulnerability management processes
- Identifying and owning projects that continuously improve proactive security across AWS
- Periodic on-call responsibilitiesDiverse Experiences
Amazon Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.Training & Career Growth
We’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.Work/Life Balance

- Bachelor's Degree in Computer Science, Computer Engineering, Information Systems or related degree; or 4+ years equivalent technology experience
- 3 years experience in system, network, and/or application security
- 3 years experience in threat modeling and interpreting vulnerability disclosures
- 2 years experience building automated tools in C, C++, Java, Python, Perl, PowerShell, or Ruby

- Preferred qualifications
- Experience in vulnerability management.
- Experience affecting change across complex environments.
- Strong understanding of networking, operating system internals, and system design.
- Experience with AWS services.
- Meets/exceeds Amazon’s leadership principles requirements for this role
- Meets/exceeds Amazon’s functional/technical depth and complexity for this role