Senior Security Engineer, Amazon Security

Job Description

Senior Security Engineer, Amazon Security Embark on a Mission to Fortify Amazon's Defenses as a Senior Security Engineer with the Vulnerability Management & Remediation Operations team! Amazon Security is seeking an experienced and innovative Senior Security Engineer to join our Vulnerability Management and Remediation Operations (VMRO) team in Sydney, Australia. The VMRO team is responsible for discovering, assessing, triaging, detecting, and driving the remediation of vulnerabilities across the Amazon ecosystem. As a Senior Security Engineer on the VMRO team, you will: Deeply understand and assess the technical details and potential impact of vulnerabilities across Amazon's infrastructure, services, and applications. Lead the detection and analysis of vulnerabilities through the development and optimization of vulnerability scanning, correlation, and prioritization capabilities. Thoroughly investigate and triage vulnerabilities, identifying severity and the scope of potential impact to Amazon. Design and implement automation, tools, and workflows to enhance our operations capabilities. Partner with software engineering and operations teams to identify and increase coverage and detection capability gaps across Amazon. Mentor and train junior security engineers, sharing your expertise in vulnerability management best practices. Collaborate with information security leadership to set the strategic direction for the VMRO program and report on key performance metrics. Be part of a global team and participate in periodic on-call responsibilities to ensure the continuous monitoring and remediation of vulnerabilities. If you're excited about the opportunity to make a significant impact on the security of one of the world's largest and most complex technology ecosystems from our Sydney office, we'd love to hear from you! Basic Qualifications BS degree in Computer Science, Computer Engineering, Software Engineering, Cybersecurity or related technical degree; or 4+ years equivalent technology experience. 7 years engineering experience in system, network, and/or application security or the development of security products. 5 years experience improving accuracy of vulnerability detection mechanisms across a diverse technical ecosystem. 5 years experience and deep knowledge of vulnerabilities, exploits, and vulnerability management systems. 5 years experience developing vulnerability assessment tests, tools, and exploits in Python, Java, etc. 3 years experience building applications or systems on cloud-based services. Preferred Qualifications Understanding of networking, operating system internals, and system design. Experience across the vulnerability management and remediation lifecycle from assessment through remediation. Experience with developing exploits, host-based and container-based detections. Experience with AWS services. Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, disability, age, or other legally protected attributes. #J-18808-Ljbffr