Pentest Security Engineer II, Devices & Services Pentesting

AmazonAustin, TX
446d$136,000 - $212,800
Match Resume

About The Position

The position involves joining Amazon's penetration testing team to detect and exploit vulnerabilities across a wide range of services and devices, including consumer products and satellite systems. The role focuses on conducting thorough reviews of complex workflows, including authentication mechanisms and web applications, while also innovating automation techniques to enhance testing processes. The team operates under the Amazon Devices and Services Trust & Security organization, aiming to protect customer trust and data through security reviews, offensive testing, and vulnerability assessments. The ideal candidate will work closely with builder teams to identify high-impact security vulnerabilities and provide actionable guidance for remediation.

Requirements

  • 3+ years of experience identifying, exploiting, and recommending solutions to remediate web application and service API vulnerabilities.
  • Experience tracing sources and sinks during code review to identify vulnerabilities and providing contextual remediation guidance.
  • Experience designing and reviewing secure system architectures through the use of Threat Modeling incorporating sophisticated and modern attacks.
  • Knowledge of cloud service providers and their offerings, preferably AWS, and its various technologies and services.
  • Bachelor's degree in Computer Science or related field, or equivalent industry experience.

Nice To Haves

  • Foundational knowledge of hardware security fundamentals.
  • Experience in CTF competitions, CVE research, and/or Bug Bounty recognition.
  • Experience with applying and assessing Machine Learning technologies.
  • Published security research (e.g. conference presentations, whitepapers, blog posts).

Responsibilities

  • Lead and contribute to penetration tests against services and software released by Amazon's Devices & Services organization.
  • Work closely with builder teams to scope pentests, develop test plans, find vulnerabilities, develop proof of concept exploits, report findings, and validate patches.
  • Analyze and identify security vulnerabilities in source code using both automated and manual static analysis tools and techniques.
  • Review and influence technical solutions to mitigate security vulnerabilities by providing actionable long-term risk mitigation guidance.
  • Lead impactful security improvements in large product lines through close collaboration with partner builder teams.
  • Develop detailed technical documentation describing identified vulnerabilities, associated impact, and recommended remediation.
  • Mentor junior penetration testers and cultivate a culture of collaboration and research sharing.

Benefits

  • Flexible work hours and arrangements
  • Career growth opportunities
  • Knowledge-sharing and training resources
  • Work-life balance initiatives

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume

What This Job Offers

Job Type

Full-time

Career Level

Mid Level

Industry

Sporting Goods, Hobby, Musical Instrument, Book, and Miscellaneous Retailers

Education Level

Bachelor's degree

Number of Employees

10,001+ employees

Job Search Resources

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service