Application Security Engineer, AWS Proactive Security

$125,500 - $212,800/Yr

Amazon - New York, NY

posted 16 days ago

Full-time - Mid Level
New York, NY
10,001+ employees
Sporting Goods, Hobby, Musical Instrument, Book, and Miscellaneous Retailers

About the position

The Application Security Engineer at AWS Security is responsible for ensuring that Amazon's services, applications, and websites are designed and implemented to the highest security standards. This role involves analyzing the security of applications, discovering and addressing security issues, building security automation, and responding to new threat scenarios. The engineer will also mentor junior engineers and contribute significantly to the AWS IT Security team and other groups within Amazon.

Responsibilities

  • Conduct application security reviews including architecture reviews, threat modeling, code reviews, and security testing.
  • Perform mobile security reviews.
  • Engage in projects and research work as needed.
  • Provide security training and outreach to internal development teams.
  • Create security guidance and documentation.
  • Automate security workflows.
  • Deliver security metrics and implement process improvements.
  • Assist with recruiting activities and administrative work.

Requirements

  • BS in Computer Science or related field, or equivalent work experience.
  • Minimum of 2+ years of experience in security engineering, system and network security, authentication and security protocols, cryptography, or application security.
  • Familiarity with common attack patterns and exploitation techniques for web & mobile applications and IoT devices.
  • Knowledge of commonly found software security vulnerabilities (like OWASP top 10) and remediation techniques.
  • Understanding of basic networking and network security concepts (TCP/UDP, Firewalls/Switches, Wi-Fi security, TLS, etc.)

Nice-to-haves

  • Strong understanding of network and web-related protocols (such as TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols).
  • Experience with Security Engineering and Assurance methodologies such as fuzzing, static and dynamic code analysis.
  • Experience with IoT/embedded device security (hardware & firmware security).
  • Demonstrable teamwork skills and resourcefulness.
  • Self-driven with the ability to move initiatives forward despite ambiguity.
  • Ability to manage multiple technically complex security reviews while providing effective security guidance to stakeholders.
  • Strong sense of ownership, urgency, and excellent written and verbal communication skills.

Benefits

  • Flexible work hours and arrangements
  • Training and career growth opportunities
  • Diversity and inclusion initiatives
  • Work-life balance support

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service