Senior Security Engineer, Vulnerability Management

Verified Job On Employer Career Site

Job Summary:

Amazon Web Services (AWS) is looking for a passionate, innovative, and motivated Security Engineer for the AWS Security Vulnerability Management team. In this role, you will solve complex security challenges, build and implement solutions to identify software-based risks, and collaborate with various teams to enhance security processes across AWS services.

Responsibilities:

• Build and implement solutions to identify software based risks in AWS services.

• Perform vulnerability and impact assessments taking into account base, temporal, and environmental factors.

• Query, analyze, and report on large datasets.

• Work with a team of software and security engineers that design, build, and own software solutions that solve complex security challenges for AWS and our customers.

• Diving into large datasets to identify potential risks.

• Perform severity assessments of software vulnerabilities.

• Work with software builders to apply environmental context against findings to adjust risk scores.

• Implement automation to improve operational throughput and efficiency.

• Work with partner teams to propose and implement functionality to reduce risks at scale.

• Assess critical vulnerabilities across container workloads and emerging assets like IoT devices, firmware, and AI systems.

• Collaborate with various product teams to enhance scanning methodologies and remediation strategies.

• Conduct deep dives with system owners to improve automation processes and reduce false positives.

• Mentor junior engineers on security evaluations for corporate assets and containerized environments.

• Develop KPIs to measure security improvements and reduced builder impact.

• Update runbooks and strategize ways to elevate security standards while minimizing toil for builder teams across diverse and unconventional asset types.

Qualifications:

Required:

• 6 years of experience in identifying security issues and risks, and developing mitigation plans

• 4 years of experience in network, system, or software architecture; design, implementation, support, and evaluation of security-focused tools and services

• 4 years of scripting or programming experience in Ruby, Python, Shell/BASH scripting, Java, C/C , C#, Perl, or other languages

• 2 years of experience in one or more of the following areas: cryptography, web and network protocols, data structures and algorithms, software development, threat modeling, pen tests, or vulnerability assessments

Preferred:

• Understanding of cloud computing services/deployment architecture

• Experience in innovative security approaches in non-traditional IT environments

• Experience generating automated metrics to measure service and program effectiveness and consistency

• Excellent written and verbal communication skills with the ability to present complex technical information in a clear and concise manner to a variety of audiences

• Experience in the development of security products

Company:

Amazon is a tech firm with a focus on e-commerce, cloud computing, digital streaming, and artificial intelligence. Founded in 1994, the company is headquartered in Seattle, Washington, USA, with a team of 10001 employees. The company is currently Public Company. Amazon has a track record of offering H1B sponsorships.