Security Engineer, AWS Industry products

Job summaryThe AWS Industry Products Organization is chartered to build new, general availability software for Supply Chain, Automotive, Energy, Sustainability and Manufacturing industries. We apply Amazon’s innovation mechanisms alongside with external customers, outcome-drive engineering mechanisms, and AWS digital technologies to produce outcomes that address real world industry problems. We dive deep with industry leaders to solve problems and unblock large industry players, enabling them to capitalize on new digital business models. We are looking to build a team of security engineering professionals that can guide software engineers, solution architects, and product managers within Amazon and its external partners to achieve our mission. A day in the lifeIn this role, you will: conduct proactive vulnerability assessments perform penetration testing, both white box and black box  provide mitigations and validate solutions for findings originating from assessments  facilitate security reviews, act as a lesion between engineering and security organizations to define threat models and mitigate them  evaluate and recommend new security tooling and technologies, automate defense and offensive security for the organization  develop, interpret, and implement security policies and procedures to ensure general security awareness  … and much more! Note: While the majority of our team is based in the Seattle, WA areas, by applying to this position your application will be considered for all locations we hire for in the United States, including but not limited to: Seattle, Austin, New York, Arlington and Bay Area.

Basic Qualifications

 Bachelor’s degree in Computer Science, Electrical Engineering and Computer Science, or 3+ years relevant work experience in any of application security, security engineering, working closely with development teams to deliver commercial software, services or hardware devices 3+ year of experience with the application of threat modeling or other risk identification techniques Experience with security engineering, system and network security, authentication and security protocols, cryptography, and application security Experience with the application of threat modeling or other risk identification techniques Software development experience in Java, C, and C++. Experience with scripting languages such as Python, Perl, or Ruby

Preferred Qualifications

 Master’s degree in Computer Science, Computer Engineering, Electrical Engineering or equivalent Experience with hardware security, system and network security, authentication and security protocols, cryptography, and application security 3+ year of development experience in C, C++, and/or assembly (x86, x86-64, ARM) Knowledge of common wireless connectivity protocols (e.g., Bluetooth, WiFi, 802.15.4) Knowledge of hardware security mechanisms, including secure boot, trusted execution environments Knowledge of operating system internals, with emphasis on Linux and common RTOS environments Familiarity with system security vulnerabilities and remediation techniques, including penetration testing and the development of exploitsAmazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit https://www.amazon.jobs/en/disability/us.