Job summaryThe Devices and Services (D&S) Trust & Security team works to ensure that our devices and services are designed and implemented to the high standards required to maintain and enhance customer trust. Security and Privacy are paramount to maintaining trust and we need to continue to build trusted products, maintain and operate trusted environments, and advocate trust to customers and stakeholders. The team develops security automation for devices & services, performs penetration testing, and handles and tracks incident responses to resolution. The Trust team is responsible for enabling business growth and innovation while honoring data policies and controls that help protect customer trust. We are responsible for defining and executing on the security and privacy requirements across the entire organization.The Amazon Devices team designs and engineers high-profile consumer electronics, including the best-selling Kindle family of products. We have also produced groundbreaking devices like Amazon Echo, Fire tablets, Amazon Fire TV, Echo Show, Echo Spot, and more. What will you help us create? The Role:Amazon Devices is looking for a Security Engineer to ensure that our devices are designed and implemented to the highest standards thus maintaining and enhancing customer trust. If you enjoy identifying issues in hardware and low-level software, this position will provide you with a unique opportunity to secure the next generation of consumer technology. You can learn more about at Lab 126 here: https://www.youtube.com/watch?v=k0UTTxzeGog
. In this role, you will: * Analyze the security of hardware (SoC, MCU, etc.) and low-level operating system components of consumer devices * Identify vulnerabilities on devices, provide mitigations, and validate solutions * Collaborate with product teams to develop new features with an eye on security * Assist in vulnerability analysis and incident response * Perform security reviews * Evaluate and recommend new security tooling and technologies * Develop technologies for automated vulnerability detection * Participate in security operations support * Develop, interpret, and implement security policies and procedures * Develop and deliver general security awareness training Note: While the majority of our Security/Privacy roles are based in the Bay Area, CA and Seattle, WA areas, by applying to this position your application will be considered for all locations we hire for in the United States, including but not limited to: Seattle, WA; Bellevue, WA; Sunnyvale, CA, Austin TX.
* Bachelor’s degree in Computer Science, Electrical Engineering and Computer Science, or 5+ years relevant work experience * 3+ years of hardware security experience or 3+ years of application security experience
* Master’s degree in Computer Science, Computer Engineering, Electrical Engineering or equivalent * 2+ years of experience in Android security and reverse engineering * Experience with security engineering, system and network security, authentication and security protocols, cryptography, and application security * Experience with the application of threat modeling or other risk identification techniques * Software development experience in Java, C, and C++ * Experience with scripting languages such as Python, Perl, or Ruby* Experience with hardware security, system and network security, authentication and security protocols, cryptography, and application security* 3+ years of hardware security experience or 3+ years of application security experience * 2+ years of security engineering experience* 2+ years of experience and involvement with development team(s) that delivered commercial software, services, or hardware devices* Experience with scripting (e.g. , ruby, bash)* 3+ year of experience with the application of threat modeling or other risk identification techniques* 3+ year of development experience in C, C++, and/or assembly (x86, x86-64, ARM)* Knowledge of common wireless connectivity protocols (e.g. Bluetooth, WiFi, 802.15.4) * Knowledge of hardware security mechanisms, including secure boot, trusted execution environments * Knowledge of operating system internals, with emphasis on Linux and common RTOS environments * Familiarity with system security vulnerabilities and remediation techniques, including penetration testing and the development of exploits * Excellent written and verbal communication skills * Excellent leadership skills and teamwork skills * Results oriented, high energy, self-motivatedkeword: dsts Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit https://www.amazon.jobs/en/disability/us.