Security Engineer II, Stores Penetration Testing
Description For Security Engineer II, Stores Penetration Testing
Amazon's Information Security Penetration Testing Team is seeking a Security Engineer to help keep Amazon secure for its customers. In this role, you will attack Amazon's services, applications, and websites to discover security issues and report them to internal technology teams. This position offers challenging opportunities, both technologically and as a leader, and will be exciting for those who enjoy hacking Amazon alongside a highly skilled team.
Key responsibilities include:
- Conducting high-quality application penetration tests independently or as part of a team
- Creating detailed engagement plans and thoroughly documenting findings, gaps, and remediation recommendations
- Contributing to team tooling, innovation, and improvements
- Communicating and collaborating with partner teams, service owners, Information Security, and senior leadership
The ideal candidate will be strong in multiple domains, work closely with teams throughout Information Security, and provide technical leadership and advice to teams and leaders throughout Amazon. You'll gain deep, technical knowledge about Amazon's build and operations, leveraging this knowledge to find new ways to break services, processes, and technologies throughout the company.
This role requires exemplary judgment in making technical trade-offs, resilience in navigating ambiguous situations, and the ability to provide thought leadership. A strong sense of customer obsession is necessary to focus on keeping Amazon and its customers secure.
Amazon Security values diverse experiences and encourages candidates to apply even if they don't meet all qualifications. The team offers opportunities to build experience in various areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.
Amazon Security provides a supportive work environment with ongoing DEI events, learning experiences, knowledge-sharing, training, and career-advancing resources. The company values work-life harmony and offers flexible work hours and arrangements.
Compensation for this position ranges from $136,000/year to $212,800/year, depending on the geographic market, job-related knowledge, skills, and experience. Amazon also offers equity, sign-on payments, and a full range of medical, financial, and other benefits as part of the total compensation package.
Responsibilities For Security Engineer II, Stores Penetration Testing
- Conduct high-quality application penetration tests independently or as part of a team
- Create detailed engagement plans and thoroughly document findings, gaps, and remediation recommendations
- Contribute to team tooling, innovation, and improvements
- Communicate and collaborate with partner teams, service owners, Information Security, and senior leadership
- Provide technical leadership and advice to teams throughout Amazon
- Discover new ways to break services, processes, and technologies throughout the company
- Make technical trade-offs between short-term fixes and long-term security and business goals
- Provide thought leadership for the organization
Requirements For Security Engineer II, Stores Penetration Testing
- 3+ years of programming in Python, Ruby, Go, Swift, Java, .Net, C++ or similar object-oriented language experience
- Bachelor's degree in computer science or equivalent
- Knowledge of networking protocols such as HTTP, DNS and TCP/IP
- Strong skills in multiple security domains
- Excellent communication and collaboration skills
- Ability to navigate ambiguous situations with composure and tact
- Strong sense of customer obsession
Benefits For Security Engineer II, Stores Penetration Testing
- Equity
- Sign-on payments
- Medical benefits
- Financial benefits
- Flexible work hours
- Career development resources
- Diverse and inclusive work environment
