Security Engineer, AWS Vulnerability Management

Amazon

Amazon Web Services (AWS) is the world's leading cloud platform providing scalable, reliable, and innovative cloud computing solutions.

Washington, DC, USA

Security

Mid-Level Software Engineer

In-Person

5,000+ Employees

4+ years of experience

Enterprise SaaS · Cybersecurity · Cloud

Description For Security Engineer, AWS Vulnerability Management

Join AWS Security's Vulnerability Management team as a Security Engineer in a role that puts security at the forefront of cloud computing. As part of AWS, where "security is job zero," you'll be working with a creative, diverse, and collaborative team that's revolutionizing security practices at an unprecedented scale.

The position offers the opportunity to work on critical security challenges that directly impact every AWS customer. You'll be responsible for identifying security risks, analyzing big data, and building automated solutions that enhance AWS's security posture. The role combines technical expertise with strategic thinking, as you'll work across all of AWS, interacting with product teams, industry specialists, and organization leaders.

Your day-to-day work will involve diving into large datasets, performing vulnerability assessments, and implementing automation solutions to improve security operations. You'll leverage AWS's full technology stack to build services that protect both internal and external customers from security threats. The position requires someone who can prioritize effectively, think creatively, and maintain high standards while following security engineering best practices.

The team culture emphasizes continuous learning, diversity, and inclusion, with ongoing DEI events and learning experiences. AWS Security values diverse experiences and perspectives, recognizing that the most challenging security problems require a variety of viewpoints and approaches. The organization offers excellent career growth opportunities, with resources for knowledge-sharing and professional development.

Working at AWS Security means joining a proven leader in various security domains, including cloud services, IoT, identity and access management, and more. The role offers the chance to make a significant impact while working with cutting-edge technology and some of the industry's brightest minds. If you're passionate about security, automation, and working at scale, this position offers an exceptional opportunity to grow your career while contributing to the security of AWS's global infrastructure.

Last updated 3 months ago

Responsibilities For Security Engineer, AWS Vulnerability Management

Build and implement solutions to identify software based risks in AWS services with a focus on automation
Perform vulnerability and impact assessments taking into account base, temporal, and environmental factors
Query, analyze, and report on large datasets
Work with software builders to apply environmental context against findings to adjust risk scores
Implement automation to improve operational throughput and efficiency
Serve as a security thought leader for the team and AWS Security

Requirements For Security Engineer, AWS Vulnerability Management

Python

Java

Linux

BS degree in Computer Science, Computer Engineering, Information Systems or related degree; or 4+ years equivalent technology experience
3 years experience in system, network, and/or application security
3 years experience in threat modeling and interpreting vulnerability disclosures
2 years experience building automated tools in C, C++, Java, Python, Perl, PowerShell, or Ruby
Strong understanding of networking, operating system internals, and system design

Benefits For Security Engineer, AWS Vulnerability Management

Medical Insurance

Dental Insurance

Vision Insurance

Flexible work hours
Career development and training opportunities
Diverse and inclusive work environment
Work-life harmony

Amazon

Amazon Web Services (AWS) is the world's leading cloud platform providing scalable, reliable, and innovative cloud computing solutions.

Washington, DC, USA

Security

Mid-Level Software Engineer

In-Person

5,000+ Employees

4+ years of experience

Enterprise SaaS · Cybersecurity · Cloud

Amazon

Given an array representing server processing powers, merge consecutive servers if the next server's power is greater than the current. What is the final array of server powers after all possible merges are done?

Data Structures & AlgorithmsHard

You are given an array of servers represented by their processing power. You want to join consecutive servers together to form larger, more powerful servers. You can only join server i with server i+1 if the processing power of server i+1 is strictly greater than the processing power of server i. This joining process can cascade, meaning that if you join i and i+1, and the new combined processing power is less than i+2, you can then join the combined server with i+2, and so on. The goal is to maximize the number of these larger servers. For example: Consider the array [1, 2, 3, 4, 5]. You can join 1 and 2 to form 3. Then you can join 3 and 3 to form 6. Then you can join 6 and 4 to form 10. Finally, you can join 10 and 5 to form 15, resulting in one server with processing power 15. Consider the array [5, 4, 3, 2, 1]. You cannot join any servers because the processing power is always decreasing. Consider the array [1, 3, 2, 4, 1, 5]. You can join 1 and 3 to get 4. You cannot join 4 and 2. You can join 2 and 4 to get 6. You cannot join 6 and 1. You can join 1 and 5 to get 6. The final servers will be [4, 6, 6]. Write a function that takes an array of integers representing server processing powers and returns the final array of server processing powers after performing all possible joins.

Arrays

Greedy Algorithms

Amazon

Explain memory management in operating systems with virtual memory, page replacement, fragmentation, and security.

System DesignHard

Let's delve into the fascinating world of operating systems. Imagine you're designing a new OS, and you need to implement a memory management system. Discuss the following: Virtual Memory: Explain the concept of virtual memory. How does it help in managing memory efficiently, especially when dealing with processes that require more memory than physically available? Provide a specific example of a scenario where virtual memory shines, such as running multiple large applications concurrently on a system with limited RAM. What are the benefits and drawbacks of using virtual memory? Specifically discuss the performance overhead associated with page faults. Page Replacement Algorithms: Describe different page replacement algorithms (e.g., FIFO, LRU, Optimal). For each algorithm, provide a step-by-step example using a reference string of page accesses (e.g., 1, 2, 3, 4, 1, 2, 5, 1, 2, 3). Calculate the number of page faults for each algorithm. Discuss the trade-offs between the complexity of the algorithm and its performance in terms of minimizing page faults. Explain a situation where FIFO would perform worse than LRU, and vice versa. Memory Fragmentation: Explain internal and external fragmentation. Give examples for each. What are the causes of each type of fragmentation? What strategies can be used to mitigate memory fragmentation (e.g., compaction, paging, segmentation)? Discuss the advantages and disadvantages of each strategy. Protection and Security: How does the OS protect memory from unauthorized access by different processes? Explain the role of memory protection mechanisms like base and limit registers, and page table entries (PTEs) with protection bits. Describe a scenario where a process attempts to access memory outside of its allocated region, and explain how the OS would handle this situation to prevent security breaches. How can techniques like Address Space Layout Randomization (ASLR) further enhance memory security?

Arrays

Strings

Stacks

Linked Lists

Trees

Recursion

Graphs

Dynamic Programming

Greedy Algorithms

Bit Manipulation

Amazon

Work experience and current project

Behavioral

Tell me about your work experience and current project.

Arrays

Strings

Interested in this job?

Jobs Related To Amazon Security Engineer, AWS Vulnerability Management

Security Program Manager, DC Security

Amazon

Security Program Manager role at AWS focusing on data center security systems management, implementation, and maintenance in Israel.

Software Development Engineer II (SDE-2)

Amazon

AWS Security seeks SDE-II to build and innovate on large-scale security management platforms, offering opportunity to work with cutting-edge technology and mentor others.

Security Engineer, Dedicated Security Team

Amazon

Security Engineer role at Amazon focusing on protecting infrastructure, managing security services, and leading security diligence for acquisitions.

SDE II, Kuiper Secure Communications Team

Amazon

SDE II position at Amazon's Project Kuiper, focusing on satellite communication security and working with cutting-edge space technology.

Software Dev Engineer, AWS WAF Bot Control and Fraud Prevention

Amazon

Software Development Engineer position at AWS focusing on WAF Bot Control and Fraud Prevention, building scalable security solutions for cloud infrastructure.