Security Engineer III - AMZ9689562

About The Position

Requirements

• Bachelor's degree or foreign equivalent degree in Computer Science, Cybersecurity, Information Security, or a related field and four years of experience in the job offered or a related occupation.
• Must have four years of experience in the following skills: (1) experience in security testing (penetration testing, vulnerability testing, red teaming, bug hunting, CTF experience, or a related field); (2) manually auditing source code (Java, Ruby, Python, JavaScript, Rust, C, or related) to find security issues; (3) scripting in Python or other equivalent interpreted languages; (4) experience with at least two areas of security engineering practices (web application security, network security, authentication and authorization protocols, cryptography, automation, or related); and (5) experience with AWS technologies and services (S3, Lambda, EC2, KMS, and IAM).

Nice To Haves

• Please see job description and the position requirements above.

Responsibilities

• Perform penetration testing of complex proprietary software and hardware for AWS services.
• Manually audit the source code of web services and software authored in house by Amazon.
• Write proof of concept code to demonstrate the severity of a potential security issue.
• Provide clear communication on issues to developers that suggest and help to test the fix.
• Partner with AWS developers to drive improvement in application security as a result of security review engagements.
• Provide actionable long-term risk mitigation guidance to internal and external stakeholders.
• Conduct independent vulnerability research pertaining to AWS relevant technologies.