Security Engineer II, Stores Application Security

Amazon

Global technology company leading in e-commerce, cloud computing, and digital innovation

Austin, TX, USA

Security

Mid-Level Software Engineer

In-Person

5,000+ Employees

3+ years of experience

Enterprise SaaS · E-Commerce · Healthcare...

Description For Security Engineer II, Stores Application Security

Amazon Stores is seeking a Security Engineer II to join their Application Security team. This role sits at the intersection of innovation and security, working with one of the world's largest AWS deployments across diverse domains from e-commerce to healthcare. As an AppSec engineer, you'll collaborate with development teams to ensure customer safety while building cutting-edge services.

The role combines technical expertise with leadership through influence. You'll conduct code inspections, build security frameworks, and work closely with developers on service design. The ideal candidate should be a security generalist with deep expertise in specific areas, capable of clearly communicating risks to various audiences.

Amazon Stores ships some of the most diverse technology stacks, from amazon.com to machine learning pipelines and no-checkout retail solutions. You'll be responsible for threat modeling, secure code review, developing security automation tools, and providing security architecture guidance. The role requires both technical acumen and strong communication skills to harmonize different perspectives while effectively prioritizing security risks.

The organization strongly values work-life harmony and invests in reducing on-call burden while ensuring high-impact work. You'll join a team that emphasizes continuous learning, diversity of thought, and career growth. Amazon Security offers opportunities to work across various domains including cloud, retail, healthcare, and physical stores.

The position requires 3+ years of experience or equivalent education, with expertise in security practices and programming languages like Java, Python, or JavaScript. You'll work in a culture that promotes inclusion, ongoing learning, and professional development, with the flexibility to maintain work-life balance.

Last updated 2 days ago

Responsibilities For Security Engineer II, Stores Application Security

Creating, updating, and maintaining threat models for software projects
Manual and Automated Secure Code Review in Java, Python and Javascript
Development of security automation tools
Adversarial security analysis using modern tools
Security training and outreach for internal development teams
Security architecture and design guidance
Independently solve security problems requiring novel approaches

Requirements For Security Engineer II, Stores Application Security

Java

Python

JavaScript

Experience with threat modeling, secure coding, identity management and authentication, software development, cryptography, system administration and network security
Knowledge of system security vulnerabilities and remediation techniques
Experience with penetration testing and development of exploits
Experience programming in Python, Ruby, Go, Swift, Java, .Net, C++ or similar object oriented language
Bachelor's degree in computer science or equivalent, or 3+ years of engineering experience

Benefits For Security Engineer II, Stores Application Security

Medical Insurance

Work-life harmony focus
Career development opportunities
Ongoing DEI events and learning experiences
Knowledge-sharing and training resources
Flexible working culture

Amazon

Global technology company leading in e-commerce, cloud computing, and digital innovation

Austin, TX, USA

Security

Mid-Level Software Engineer

In-Person

5,000+ Employees

3+ years of experience

Enterprise SaaS · E-Commerce · Healthcare...

Amazon

Unique Paths

Data Structures & AlgorithmsMedium

There is a robot on an m x n grid. The robot is initially located at the top-left corner (i.e., grid0). The robot tries to move to the bottom-right corner (i.e., gridm - 1). The robot can only move either down or right at any point in time. Given the two integers m and n, return the number of possible unique paths that the robot can take to reach the bottom-right corner. The test cases are generated so that the answer will be less than or equal to 2 * 109. For example, if m = 3 and n = 7, the expected output is 28. Explain your approach, provide code, and analyze the time and space complexity. Also discuss edge cases and alternative solutions using combinatorics.

Dynamic Programming

Amazon

Explain memory management in operating systems with virtual memory, page replacement, fragmentation, and security.

System DesignHard

Let's delve into the fascinating world of operating systems. Imagine you're designing a new OS, and you need to implement a memory management system. Discuss the following: Virtual Memory: Explain the concept of virtual memory. How does it help in managing memory efficiently, especially when dealing with processes that require more memory than physically available? Provide a specific example of a scenario where virtual memory shines, such as running multiple large applications concurrently on a system with limited RAM. What are the benefits and drawbacks of using virtual memory? Specifically discuss the performance overhead associated with page faults. Page Replacement Algorithms: Describe different page replacement algorithms (e.g., FIFO, LRU, Optimal). For each algorithm, provide a step-by-step example using a reference string of page accesses (e.g., 1, 2, 3, 4, 1, 2, 5, 1, 2, 3). Calculate the number of page faults for each algorithm. Discuss the trade-offs between the complexity of the algorithm and its performance in terms of minimizing page faults. Explain a situation where FIFO would perform worse than LRU, and vice versa. Memory Fragmentation: Explain internal and external fragmentation. Give examples for each. What are the causes of each type of fragmentation? What strategies can be used to mitigate memory fragmentation (e.g., compaction, paging, segmentation)? Discuss the advantages and disadvantages of each strategy. Protection and Security: How does the OS protect memory from unauthorized access by different processes? Explain the role of memory protection mechanisms like base and limit registers, and page table entries (PTEs) with protection bits. Describe a scenario where a process attempts to access memory outside of its allocated region, and explain how the OS would handle this situation to prevent security breaches. How can techniques like Address Space Layout Randomization (ASLR) further enhance memory security?

Arrays

Strings

Stacks

Linked Lists

Trees

Recursion

Graphs

Dynamic Programming

Greedy Algorithms

Bit Manipulation

Amazon

Describe a time when a plan did not go as expected

Behavioral

Describe a time when a plan did not go as expected.

Interested in this job?

Jobs Related To Amazon Security Engineer II, Stores Application Security

Security Program Manager, DC Security

Amazon

Security Program Manager role at AWS focusing on data center security systems management, implementation, and maintenance in Israel.

Software Development Engineer II (SDE-2)

Amazon

AWS Security seeks SDE-II to build and innovate on large-scale security management platforms, offering opportunity to work with cutting-edge technology and mentor others.

Security Engineer, Dedicated Security Team

Amazon

Security Engineer role at Amazon focusing on protecting infrastructure, managing security services, and leading security diligence for acquisitions.

SDE II, Kuiper Secure Communications Team

Amazon

SDE II position at Amazon's Project Kuiper, focusing on satellite communication security and working with cutting-edge space technology.

Software Dev Engineer, AWS WAF Bot Control and Fraud Prevention

Amazon

Software Development Engineer position at AWS focusing on WAF Bot Control and Fraud Prevention, building scalable security solutions for cloud infrastructure.