Pentest Security Engineer II, Devices & Services Pentesting
Description For Pentest Security Engineer II, Devices & Services Pentesting
Join Amazon's elite penetration testing team within the Devices and Services Trust & Security (DSTS) organization, focusing on detecting and exploiting vulnerabilities across Amazon's vast portfolio. From consumer services to Kuiper satellites, you'll conduct in-depth security reviews of complex service workflows, including authentication mechanisms, AI, mobile applications, and web APIs.
The role combines technical expertise with innovation, as you'll work on automating and improving testing processes using AI/LLMs, fuzzing, and static analysis. DSTS, established in 2014, protects over 100+ device types, 12,000+ applications, and 100+ product lines used by more than 16,000 builders. You'll be instrumental in securing Amazon's service ecosystem through penetration testing, vulnerability assessments, and remediation guidance.
As a Pentest Security Engineer II, you'll collaborate with builder teams and product owners, diving deep into service architectures and source code. The position offers challenging technical opportunities in a dynamic environment where you'll directly impact the security of millions of Amazon customers. You'll need excellent prioritization skills and the ability to communicate effectively at all levels.
The team values work-life balance, offering flexible scheduling and a supportive environment that celebrates knowledge sharing and mentorship. With a diverse mix of experience levels, the team focuses on career growth and professional development. While primarily US-based, the position considers candidates globally, though you should be able to accommodate US time zones for meetings.
This role is perfect for security enthusiasts passionate about finding vulnerabilities, developing testing tools, and seeing their work make a real difference in protecting Amazon's consumer devices and services. You'll be part of a growing organization that's shaping the future of Amazon's service security, making it an exciting opportunity for mid to senior-level security professionals.
Responsibilities For Pentest Security Engineer II, Devices & Services Pentesting
- Lead and contribute to penetration tests against services and software
- Analyze and identify security vulnerabilities using automated and manual tools
- Review and influence technical solutions to mitigate security vulnerabilities
- Lead security improvements in large product lines
- Develop detailed technical documentation
- Mentor junior penetration testers
Requirements For Pentest Security Engineer II, Devices & Services Pentesting
- 3+ years of experience identifying, exploiting, and remediating web application and service API vulnerabilities
- Experience in code review and vulnerability identification
- Experience in secure system architecture design and threat modeling
- Knowledge of cloud service providers, preferably AWS
- Bachelor's degree in Computer Science or related field, or equivalent industry experience
Benefits For Pentest Security Engineer II, Devices & Services Pentesting
- Flexible work schedule
- Career growth opportunities
- Mentorship program
- Work-life balance
- Comprehensive medical benefits
- Financial benefits
- Total compensation package including equity
Jobs Related To Amazon Pentest Security Engineer II, Devices & Services Pentesting
