Pentest Security Engineer, Devices & Services Pentesting
Description For Pentest Security Engineer, Devices & Services Pentesting
Amazon's Devices and Services Trust & Security (DSTS) organization is seeking a talented Pentest Security Engineer to join their penetration testing team. This role offers an exciting opportunity to work on detecting and exploiting vulnerabilities across Amazon's vast ecosystem, from consumer services and devices to Kuiper satellites.
The position is part of a growing team formed in 2014, dedicated to protecting customer trust, data, and systems. The team's scope is impressive, securing over 100+ device types, 12,000+ services, and 100+ product lines developed by more than 16,000 builders.
As a Pentest Security Engineer, you'll conduct in-depth security reviews of complex service workflows, including authentication mechanisms, AI systems, mobile applications, and web service APIs. You'll have the opportunity to innovate using cutting-edge techniques including AI/LLMs, fuzzing, and static analysis.
The role combines technical challenges with significant impact - you'll be responsible for protecting millions of Amazon customers while working with state-of-the-art technology. The position offers excellent work-life balance with flexible scheduling options and a strong emphasis on professional development.
Key aspects of the role include:
- Conducting penetration tests on Amazon's devices and services ecosystem
- Developing proof of concept exploits and providing actionable remediation guidance
- Collaborating with builder teams to improve security across products
- Contributing to program improvements and technical documentation
- Opportunity to work with diverse technologies from web services to satellite systems
The team values knowledge sharing and mentorship, making it an excellent environment for growth. While technical skills are important, the role also emphasizes communication abilities and prioritization skills. The position offers competitive compensation ($125,500-$212,800 based on location) plus comprehensive benefits.
This is an ideal opportunity for security professionals passionate about finding vulnerabilities, developing security tools, and making a direct impact on consumer device security. The role offers exposure to diverse technologies and the chance to work on some of Amazon's most innovative products.
Responsibilities For Pentest Security Engineer, Devices & Services Pentesting
- Conduct penetration tests against services and software
- Analyze and identify security vulnerabilities using automated and manual tools
- Review and influence technical solutions for security vulnerability mitigation
- Develop detailed technical documentation for vulnerabilities and remediation
- Collaborate with builder teams to find vulnerabilities and develop proof of concept exploits
Requirements For Pentest Security Engineer, Devices & Services Pentesting
- Bachelor's degree in Computer Science or related field and 1+ year of experience or 3+ years of equivalent industry experience
- Core understanding of web application and service API vulnerabilities
- Experience in code review and vulnerability identification
- Experience in secure system architecture design and threat modeling
- Knowledge of cloud service providers, preferably AWS
Benefits For Pentest Security Engineer, Devices & Services Pentesting
- Medical Insurance
- Financial Benefits
- Work-Life Balance
- Career Growth Opportunities
- Flexible Schedule
