Jobs · Engineering · Washington

Security Engineer II, Vulnerability Management and Remediation Operations

Amazon · Seattle, WA · 2 wk ago
EngineeringFull-time

Vulnerability Management and Remediation Operations

Embark on a Mission to Fortify Amazon's Defenses as a Security Engineer II with the Vulnerability Management & Remediation Operations (VMRO) team!

Key job responsibilities

  • Analyze public and private vulnerability disclosures and exploit code.
  • Deeply understand and assess the technical details and potential impact of vulnerabilities across Amazon's infrastructure, services, and applications.
  • Investigate and triage vulnerabilities, identifying severity and the scope of potential impact to Amazon.
  • Support response and remediation efforts, assisting builder teams to fix their security issues in a timely manner.
  • Engineer high quality, scalable, and accurate vulnerability detection mechanisms.
  • Design and implement automation, tools and workflows to enhance our operations capabilities.
  • Be part of a global team and participate in periodic on-call responsibilities to ensure the continuous monitoring and remediation of vulnerabilities.

About the team

Diverse Experiences
Amazon Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.

Why Amazon Security?
At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon’s products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.

Inclusive Team Culture
In Amazon Security, it’s in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.

Training & Career Growth
We’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.

Work/Life Balance
We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why flexible work hours and arrangements are part of our culture. When we feel supported in the workplace and at home, there’s nothing we can’t achieve.

Basic Qualifications

  • 3+ years of programming in Python, Ruby, Go, Swift, Java, .Net, C++ or similar object oriented language experience
  • 2+ years of scripting, programming, and security code review in a common programming language (non-internship) experience
  • Bachelor's degree in a STEM field (Science, Technology, Engineering, Mathematics), or 2+ years of IT Security experience
  • Knowledge of networking protocols such as HTTP, DNS and TCP/IP
  • Knowledge of industry-based security vulnerabilities and remediation techniques
  • Experience in troubleshooting systems issues, analyzing logs, or automating basic tasks using command line tools (non-internship experience)

Preferred Qualifications

  • 2+ years of any combination of the following: threat modeling experience, secure coding, identity management and authentication, software development, cryptography, system administration and network security experience
  • Knowledge of command line tools to troubleshoot protocols, analyze log outputs, or automate basic tasks
  • Experience with AWS products and services
  • Experience performing security activities across one or more phases of the software development lifecycle (SDLC), such as security design review, threat modeling, secure code review, and security testing

Similar jobs

Cybersecurity Engineer-II

Accenture Federal ServicesVirginia, United States· 2 wk ago
Information Technology$120k–$150k/yrapply on boards.greenhouse.io