Security Engineer, Vulnerability Management and Remediation Operations

Amazon Vulnerability Management and Remediation (VMR) is looking for a Security Engineer to join our Vulnerability Discovery Operations team. Our team is responsible for the discovery, assessment, triage, and remediation of vulnerabilities across Amazon. We are data-driven, set big goals, and are always challenging ourselves and each other to identify better solutions and take on new challenges. Our team offers the unique opportunity to work with leading industry security experts and engage across Amazon teams and leadership.

As a Security Engineer in VMR, you will play a central, hands-on-keyboard role in proactively identifying and remediating security issues at Amazon. You will be part of a global-scale vulnerability discovery service supporting a diverse technical ecosystem. Your teammates are an international team of security engineers, software developers, and technical program managers dedicated to continuously raising the security bar., Hands-on operations and maintenance of Amazon's global vulnerability discovery tools and infrastructure
Work with senior security engineers to extend vulnerability discovery services to new teams and technologies
Help customers and partner teams with vulnerability discovery services by identifying solutions and offering technical support
Work with VMR teams and stakeholders to continuously improve discovery services and processes.
Periodic on-call responsibilities.

Bachelor's degree in computer science or equivalent
- Knowledge of networking protocols such as HTTP, DNS and TCP/IP
- Experience programming in Python, Ruby, Go, Swift, Java, .Net, C++ or similar object oriented language
- 5 years security engineering experience in system, network, and/or application security
- 5 years experience developing vulnerability assessment tests with Python or Java.
- 5 years experience improving accuracy of vulnerability detection mechanisms across a diverse technical ecosystem
- 3 years experience troubleshooting networking, operating systems, applications, or cloud services.
- 3 years experience building cloud-based services, Experience with AWS products and services
- Experience with any combination of the following: threat modeling, secure coding, identity management and authentication, software development, cryptography, system administration and network security

Amazon is an equal opportunities employer. We believe passionately that employing a diverse workforce is central to our success. We make recruiting decisions based on your experience and skills. We value your passion to discover, invent, simplify and build. Protecting your privacy and the security of your data is a longstanding top priority for Amazon. Please consult our Privacy Notice (https://www.amazon.jobs/en/privacy_page) to know more about how we collect, use and transfer the personal data of our candidates.