Description

Come join the Marketplace Team in our mission to change the way enterprise software are bought and sold! Marketplace enables software sellers to reach all customers; and enables software buyers to easily discover, purchase and consume software. Our goals include enriching the platform to support more diverse selection, improving buyer and seller experience and implementing new ideas to add new dimensions to the product. Our vision is to make Marketplace one stop shop for buying and selling software just like Amazon.com is for retail.

The Amazon Web Services (AWS) Marketplace Trust team is looking for a Security Engineer who has a strong passion for security-at-scale. You will be on a team responsible for the design & implementation of continuous assessments and technology helping teams maintain insight to the integrity of their development, deployment, monitoring, and incident response processes. You should be able to help ensure our services, applications, and websites are designed and implemented to the highest security standards. Your core responsibilities include

1. Contribute to the design, implementation, and execution of security review and test methodologies for the recurring and holistic testing of a critical group of AWS production services. Ensure remediation of risks by partnering with service teams.

2. Perform design review, threat modeling, security review, penetration testing, and red teaming on production systems for AWS services.

3. Scope and perform penetration testing & vulnerability research of complex proprietary software and hardware for AWS services.

4. Work closely with the AWS Security teams to develop large scale, cutting edge, testing, monitoring, remediation solutions.

5. Work closely with other internal development teams across AWS Security to create comprehensive security tooling and functional improvements at scale.

6. Demonstrate “exceptional” judgment, integrity, business acumen, and communication skills.

7. Prepare and present detailed, written technical information for internal and external audiences.

Basic Qualifications

• 3+ years of programming in Python, Ruby, Go, Swift, Java, .Net, C++ or similar object oriented language experience

• Bachelor's degree in computer science or equivalent

• Knowledge of networking protocols such as HTTP, DNS and TCP/IP

Preferred Qualifications

• 2+ years of any combination of the following: threat modeling experience, secure coding, identity management and authentication, software development, cryptography, system administration and network security experience

• Experience with AWS products and services

• Experience with programming languages such as Python, Java, C+Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit https://www.amazon.jobs/en/disability/us.

Our compensation reflects the cost of labor across several US geographic markets. The base pay for this position ranges from $136,000/year in our lowest geographic market up to $212,800/year in our highest geographic market. Pay is based on a number of factors including market location and may vary depending on job-related knowledge, skills, and experience. Amazon is a total compensation company. Dependent on the position offered, equity, sign-on payments, and other forms of compensation may be provided as part of a total compensation package, in addition to a full range of medical, financial, and/or other benefits. For more information, please visit https://www.aboutamazon.com/workplace/employee-benefits. This position will remain posted until filled. Applicants should apply via our internal or external career site.