Security Engineer, AWS Vulnerability Management

Amazon

Amazon Web Services (AWS) is the world's leading cloud platform providing scalable, reliable, and innovative cloud computing solutions.

Washington, DC, USA

Security

Mid-Level Software Engineer

In-Person

5,000+ Employees

4+ years of experience

Enterprise SaaS · Cybersecurity · Cloud

Description For Security Engineer, AWS Vulnerability Management

Join AWS Security's Vulnerability Management team as a Security Engineer in a role that puts security at the forefront of cloud computing. As part of AWS, where "security is job zero," you'll be working with a creative, diverse, and collaborative team that's revolutionizing security practices at an unprecedented scale.

The position offers the opportunity to work on critical security challenges that directly impact every AWS customer. You'll be responsible for identifying security risks, analyzing big data, and building automated solutions that enhance AWS's security posture. The role combines technical expertise with strategic thinking, as you'll work across all of AWS, interacting with product teams, industry specialists, and organization leaders.

Your day-to-day work will involve diving into large datasets, performing vulnerability assessments, and implementing automation solutions to improve security operations. You'll leverage AWS's full technology stack to build services that protect both internal and external customers from security threats. The position requires someone who can prioritize effectively, think creatively, and maintain high standards while following security engineering best practices.

The team culture emphasizes continuous learning, diversity, and inclusion, with ongoing DEI events and learning experiences. AWS Security values diverse experiences and perspectives, recognizing that the most challenging security problems require a variety of viewpoints and approaches. The organization offers excellent career growth opportunities, with resources for knowledge-sharing and professional development.

Working at AWS Security means joining a proven leader in various security domains, including cloud services, IoT, identity and access management, and more. The role offers the chance to make a significant impact while working with cutting-edge technology and some of the industry's brightest minds. If you're passionate about security, automation, and working at scale, this position offers an exceptional opportunity to grow your career while contributing to the security of AWS's global infrastructure.

Last updated 3 months ago

Responsibilities For Security Engineer, AWS Vulnerability Management

Build and implement solutions to identify software based risks in AWS services with a focus on automation
Perform vulnerability and impact assessments taking into account base, temporal, and environmental factors
Query, analyze, and report on large datasets
Work with software builders to apply environmental context against findings to adjust risk scores
Implement automation to improve operational throughput and efficiency
Serve as a security thought leader for the team and AWS Security

Requirements For Security Engineer, AWS Vulnerability Management

Python

Java

Linux

BS degree in Computer Science, Computer Engineering, Information Systems or related degree; or 4+ years equivalent technology experience
3 years experience in system, network, and/or application security
3 years experience in threat modeling and interpreting vulnerability disclosures
2 years experience building automated tools in C, C++, Java, Python, Perl, PowerShell, or Ruby
Strong understanding of networking, operating system internals, and system design

Benefits For Security Engineer, AWS Vulnerability Management

Medical Insurance

Dental Insurance

Vision Insurance

Flexible work hours
Career development and training opportunities
Diverse and inclusive work environment
Work-life harmony

Amazon

Amazon Web Services (AWS) is the world's leading cloud platform providing scalable, reliable, and innovative cloud computing solutions.

Washington, DC, USA

Security

Mid-Level Software Engineer

In-Person

5,000+ Employees

4+ years of experience

Enterprise SaaS · Cybersecurity · Cloud

Amazon

Given an array representing server processing powers, merge consecutive servers if the next server's power is greater than the current. What is the final array of server powers after all possible merges are done?

Data Structures & AlgorithmsHard

You are given an array of servers represented by their processing power. You want to join consecutive servers together to form larger, more powerful servers. You can only join server i with server i+1 if the processing power of server i+1 is strictly greater than the processing power of server i. This joining process can cascade, meaning that if you join i and i+1, and the new combined processing power is less than i+2, you can then join the combined server with i+2, and so on. The goal is to maximize the number of these larger servers. For example: Consider the array [1, 2, 3, 4, 5]. You can join 1 and 2 to form 3. Then you can join 3 and 3 to form 6. Then you can join 6 and 4 to form 10. Finally, you can join 10 and 5 to form 15, resulting in one server with processing power 15. Consider the array [5, 4, 3, 2, 1]. You cannot join any servers because the processing power is always decreasing. Consider the array [1, 3, 2, 4, 1, 5]. You can join 1 and 3 to get 4. You cannot join 4 and 2. You can join 2 and 4 to get 6. You cannot join 6 and 1. You can join 1 and 5 to get 6. The final servers will be [4, 6, 6]. Write a function that takes an array of integers representing server processing powers and returns the final array of server processing powers after performing all possible joins.

Arrays

Greedy Algorithms

Amazon

Describe how you would improve an e-commerce product recommendation system.

System DesignHard

Let's explore your problem-solving skills with a practical scenario. Imagine you're building a feature for an e-commerce website that recommends products to users based on their past purchases. The system currently uses a simple algorithm: it identifies the products most frequently bought by users with similar purchase histories and suggests those. However, you've noticed a few issues: Lack of Novelty: The recommendations are often too obvious or repetitive. Users who bought coffee are constantly recommended coffee, even though they might be interested in other related items like filters, mugs, or coffee makers. Cold Start Problem: New users with limited purchase history receive generic recommendations that aren't very helpful. Ignoring User Context: The system doesn't consider factors like the time of year (e.g., recommending winter coats in July) or current trends. Your task is to enhance the recommendation system to address these issues. Describe your approach, considering both algorithmic improvements and data enrichment strategies. Provide specific examples of how you would: Incorporate a measure of diversity to introduce novelty into the recommendations. Handle the cold start problem for new users. Leverage additional data sources (e.g., product descriptions, user reviews, social media trends) to improve recommendation accuracy and relevance. Explain what machine learning algorithms and evaluation metrics you would use to validate your improvements. How would you A/B test your changes to ensure they are positively impacting user engagement and sales?

Dynamic Programming

Greedy Algorithms

Database Problems

Amazon

Tell me about yourself

Behavioral

Tell me about yourself. To help me understand your background, please structure your response by including the following: A brief overview of your educational background: Where did you go to school, what did you study, and what were your key areas of focus or specializations? A summary of your professional experience: Walk me through your previous roles, highlighting the companies you worked for, your responsibilities, and the significant projects you contributed to. Be sure to mention any accomplishments or quantifiable results you achieved. Skills and areas of expertise: What are your strongest technical skills and areas of expertise? Provide specific examples of how you've applied these skills in previous projects or roles. For instance, if you're proficient in Python, describe a project where you used Python to solve a complex problem. Your motivations and interests: What are you passionate about in the field of technology, and what motivates you to pursue a career in this area? What specific aspects of software engineering or your chosen field do you find most exciting or rewarding? Your career goals: Where do you see yourself in the next 3-5 years? What are your short-term and long-term career aspirations, and how does this role align with your overall goals? Are you looking to specialize in a particular area, take on leadership responsibilities, or make a significant impact in a specific industry? By providing this structured overview, I hope to gain a better understanding of your background, skills, and aspirations, and how they align with the goals and requirements of this position.

Interested in this job?

Jobs Related To Amazon Security Engineer, AWS Vulnerability Management

Security Program Manager, DC Security

Amazon

Security Program Manager role at AWS focusing on data center security systems management, implementation, and maintenance in Israel.

Software Development Engineer II (SDE-2)

Amazon

AWS Security seeks SDE-II to build and innovate on large-scale security management platforms, offering opportunity to work with cutting-edge technology and mentor others.

Security Engineer, Dedicated Security Team

Amazon

Security Engineer role at Amazon focusing on protecting infrastructure, managing security services, and leading security diligence for acquisitions.

SDE II, Kuiper Secure Communications Team

Amazon

SDE II position at Amazon's Project Kuiper, focusing on satellite communication security and working with cutting-edge space technology.

Software Dev Engineer, AWS WAF Bot Control and Fraud Prevention

Amazon

Software Development Engineer position at AWS focusing on WAF Bot Control and Fraud Prevention, building scalable security solutions for cloud infrastructure.