Responsibilities.
- Risk and vulnerability management and mitigation approaches
- Secure architecture design
- Security tool development and assessment
- Threat modeling and security research
- Security training and outreach to internal development teams
- Security guidance documentation
- Security metrics development, delivery and improvements
Basic Qualifications
- BS in Computer Science or related field, or equivalent work experience
- Minimum of 5 years of experience with any combination of the following: risk and vulnerability management, threat modeling experience, secure coding, identity management and authentication, software development, cryptography, system administration and network security
- Minimum of 3 years of experience in Vulnerability Mitigation, Scanning, Patching and/or threat mitigation approaches in large diverse enterprises
Preferred Qualifications
- Experience implementing security solutions at the business division level
- Hands-on security engineering work including development of tools and scripts
- Excellent written and verbal communication skills
- Strong sense of ownership, urgency, and drive
- A deep understanding of network and web related protocols (such as, TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols)
- An understanding of web services technologies and related-security threats
- Thorough understanding of the Linux operating system
- Experience with one or two programming languages (such as Java, C++, Ruby, Python, Perl, etc.)
- Experience with SQL language and data analytics
- Demonstrable teamwork skills and resourcefulness
- Possess self-drive to keep moving things forward even in the face of ambiguity and imperfect knowledge
- MS in Computer Science or related field, or equivalent work experience
- Meets/exceeds Amazon’s leadership principles requirements for this role
- Meets/exceeds Amazon’s functional/technical depth and complexity for this role