Security Engineer, Leo Security
About the role
The Leo Security team owns the security of product and operations of Leo end-to-end. We provide the necessary infrastructure and mechanisms to ensure the security of our satellite constellation and to protect the integrity and confidentiality of our customer data. Our team drives the research & development, deployment and operation of several mission-critical security systems and mechanisms.
Responsibilities
- You will help define develop and implement Leo's detection pipeline.
- You will advocate for the creation & deployment of new testing tools, and detection mechanisms.
- You’ll identify design & implementation defects and build compensating detective controls.
- You'll support product development processes by providing consultation services on difficult security decisions.
- You will collaborate with business leaders to define security priorities.
- You will support product leaders by acting as a trusted advisor.
- You will support leaders by providing them with direction that makes security easy.
- You will help leaders measure their org's security execution.
- You'll guide teams towards outcomes that produce products that safely handle customer data.
- You will collaborate with builder teams to assess technical debt and risk.
- You will provide strategic direction that addresses vulnerabilities and fortifies our products.
- You will be a resource that leads the burn down of long-term risk.
- You will instill a security culture in builder teams.
- You will mentor builders who aspire to become security advocates & security engineers via 1-1 sessions & office hours.
- You will assist Red Teams in identifying security testing priorities.
- You will assist in scoping penetration tests and help deep-dive on these engagements.
- You will investigate emerging security issues, root cause them, and devise mechanisms to detect them.
Requirements
- 3+ years of programming in Python, Ruby, Go, Swift, Java, .Net, C++ or similar object oriented language experience
- 3+ years of scripting, programming, and security code review in a common programming language (non-internship) experience
- 3+ years of troubleshooting systems issues, analyzing logs, or automating basic tasks using command line tools (non-internship) experience
- Bachelor's degree in a STEM field (Science, Technology, Engineering, Mathematics), or experience in IT Security
- Knowledge of industry-based security vulnerabilities and remediation techniques
Qualifications
- 2+ years of any combination of the following: threat modeling experience, secure coding, identity management and authentication, software development, cryptography, system administration and network security experience
- Experience with AWS products and services
- Experience performing security activities across one or more phases of the software development lifecycle (SDLC), such as security design review, threat modeling, secure code review, and security testing
Skills
- Knowledge of networking protocols such as HTTP(S), DNS, and TCP/IP
Benefits
Amazon offers comprehensive benefits including health insurance (medical, dental, vision, prescription, Basic Life & AD&D insurance and option for Supplemental life plans, EAP, Mental Health Support, Medical Advice Line, Flexible Spending Accounts, Adoption and Surrogacy Reimbursement coverage), 401(k) matching, paid time off, and parental leave. Learn more about our benefits at https://amazon.jobs/en/benefits.
Pay
Base salary range for this position is $159,300.00 - $202,400.00 USD annually.
Schedule
Redmond, WA, USA