Security Engineer, Specialized Business Services Security, Vulnerability Management

Amazon

Global technology company leading in e-commerce, cloud computing, digital streaming, and artificial intelligence.

Boston, MA, USA • Austin, TX, USA • San Francisco, CA, USA…

$136,000 - $212,800

Security

Senior Software Engineer

In-Person

5,000+ Employees

3+ years of experience

Enterprise SaaS · Cybersecurity

This job posting may no longer be active. You may be interested in these related jobs instead:

Security Operations Engineer, AWS Security Cloud Response

Amazon

Senior Security Operations Engineer role at AWS Security focusing on incident response, security tool development, and team leadership.

Sr. Security Engineer, AppSec - Amazon Stores Security

Amazon

Senior Security Engineer role at Amazon focusing on application security, threat modeling, and secure code review for Amazon Stores' diverse technology portfolio.

Security Engineer, Kuiper Security

Amazon

Senior Security Engineer role at Amazon's Project Kuiper, focusing on securing satellite-based broadband communications systems and protecting customer data.

Sr. Security Systems Engineer, DC Security Solutions Engineering

Amazon

Senior Security Systems Engineer role at AWS, focusing on designing and implementing comprehensive security solutions for data centers, requiring 8+ years of experience in security systems.

Senior Security Engineer, Stores AppSec

Amazon

Senior Security Engineer role at Amazon Stores focusing on application security, threat modeling, and secure development practices.

Description For Security Engineer, Specialized Business Services Security, Vulnerability Management

Amazon's Specialized Business Services Security team is seeking a Security Engineer for their Vulnerability Management Team. This role focuses on detection, assessment, triage, and remediation of vulnerabilities across Amazon's innovative Devices and Services. The position offers an opportunity to work with diverse security scanning tools and enhance vulnerability detection capabilities throughout the Software Development Lifecycle (SDLC).

The role combines technical expertise in security with strategic thinking, requiring skills in automated detection tools, vulnerability analysis, and secure development practices. You'll partner with development teams to drive security improvements at scale, working with SAST, DAST, and SCA tools while analyzing both public and private vulnerability disclosures.

Amazon Security values diverse experiences and maintains a high bar for security across all products and services. The team offers opportunities to build experience in various areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores. The culture emphasizes continuous learning, diversity, and work-life harmony.

The position offers competitive compensation ranging from $136,000 to $212,800 per year, depending on location and experience, plus additional benefits including medical coverage and career development opportunities. The role requires 3+ years of relevant experience and offers the chance to work on critical security challenges while contributing to Amazon's mission of being Earth's Best Employer.

This is an excellent opportunity for security professionals who want to make a significant impact on product security at scale while working with cutting-edge technologies and diverse teams. The role combines technical depth with strategic thinking, offering both challenge and growth potential in a supportive, inclusive environment.

Last updated 3 months ago

Responsibilities For Security Engineer, Specialized Business Services Security, Vulnerability Management

Developing and tuning custom, open source and third-party high quality automated detection tools
Reviewing output of automated detection tools for accuracy
Analyzing public and private vulnerability disclosures to analyze impact on Amazon Devices and Services
Providing actionable long-term risk prioritization and mitigation guidance
Proposing mechanisms for integrating security detection tools into the development lifecycle
Collaborate with partners across Amazon to develop scalable solutions to security problems

Requirements For Security Engineer, Specialized Business Services Security, Vulnerability Management

Python

Java

3+ years of programming in Python, Ruby, Go, Swift, Java, .Net, C++ or similar object oriented language experience
Experience with threat modeling, secure coding, identity management and authentication, software development, cryptography, system administration and network security
Bachelor's degree in computer science or equivalent
3+ years hands-on experience in Vulnerability Management, Product Security and/or Application Security

Benefits For Security Engineer, Specialized Business Services Security, Vulnerability Management

Medical Insurance

401k

Mental Health Assistance

Medical, financial, and other benefits
Training and career growth opportunities
Work-life balance
Flexible working culture
Ongoing DEI events and learning experiences

Amazon

Global technology company leading in e-commerce, cloud computing, digital streaming, and artificial intelligence.

Boston, MA, USA • Austin, TX, USA • San Francisco, CA, USA…

$136,000 - $212,800

Security

Senior Software Engineer

In-Person

5,000+ Employees

3+ years of experience

Enterprise SaaS · Cybersecurity

Amazon

Find the contiguous subarray with the largest sum.

Data Structures & AlgorithmsMedium

You are given an array of integers. Write a function to find the contiguous subarray with the largest sum and return that sum. For example: Given the array [-2, 1, -3, 4, -1, 2, 1, -5, 4], the contiguous subarray [4, -1, 2, 1] has the largest sum = 6. Given the array [1, 2, 3, 4, 5], the contiguous subarray [1, 2, 3, 4, 5] has the largest sum = 15. Given the array [-1, -2, -3], the contiguous subarray [-1] has the largest sum = -1. Your function should be efficient and handle arrays with both positive and negative numbers. Explain the time complexity of your solution. Can you implement this using dynamic programming? Are there other approaches? Discuss the tradeoffs of the various potential solutions.

Arrays

Dynamic Programming

Amazon

Design a system to clean and transform inconsistent customer data from various sources into a consistent format for analysis, addressing data cleaning, transformation, scalability, and error handling. Provide code examples for data cleaning and transformation steps.

System DesignMedium

Let's explore a scenario involving data transformation. Imagine you're receiving a stream of customer data from various sources. This data includes customer IDs, names, email addresses, and purchase histories. However, the data is inconsistent: some sources use different formats for dates, some have missing fields, and others use abbreviations for states. Your task is to design a robust and efficient system to clean and transform this data into a consistent format suitable for analysis. Specifically: Data Cleaning: How would you handle missing values, inconsistent date formats (e.g., MM/DD/YYYY vs. YYYY-MM-DD), and variations in state abbreviations (e.g., CA vs. California)? Provide code examples (Python is preferred) demonstrating how you would address these issues. Data Transformation: How would you transform the data to ensure consistency? For example, you might need to convert all dates to a standard format, expand state abbreviations to their full names, and ensure all customer IDs are in a uniform format. Scalability: How would you design the system to handle a large volume of data (e.g., millions of records per day)? Consider the technologies and architectures you would use to ensure scalability and performance. Think about potential bottlenecks and how to address them. Error Handling: Describe how you would implement error handling and logging to identify and address data quality issues. What metrics would you track to monitor the quality of the transformed data? For instance, suppose you receive the following data snippets: Source 1: {customer_id: 123, name: Alice, email: alice@example.com, purchase_date: 01/01/2023, state: CA} Source 2: {CustomerID: 456, Name: Bob, Email: bob@example.com, PurchaseDate: 2023-01-01, State: California} How would your system handle these variations and transform them into a unified format like this: {customer_id: 123, name: Alice, email: alice@example.com, purchase_date: 2023-01-01, state: California}

Database Problems

Arrays

Strings

Amazon

Tell me about a project that you're most proud of

Behavioral

Tell me about a project that you're most proud of. To help me understand the scope and impact, please provide specific details about the project, including: The problem: What challenge were you trying to solve, and why was it important? Your role: What specific responsibilities did you have on the project? What were your key contributions? The technical details: What technologies, tools, or techniques did you use? For example, did you work with a specific programming language, framework, or database? The outcome: What were the results of the project? Did you meet the initial goals? Did you encounter any unexpected benefits or challenges? What did you learn?: Looking back, what would you do differently? What skills or knowledge did you gain from the experience? Did you face any setbacks, and how did you overcome them? For instance, if you worked on a project to improve the performance of a web application, you might discuss the specific performance bottlenecks you identified, the optimization techniques you implemented (e.g., caching, code optimization), and the resulting improvement in response time or throughput. Or, if you designed a new feature for a mobile app, you could describe the user research you conducted, the design process you followed, and the metrics you used to measure the feature's success. Be prepared to discuss technical challenges you faced and how you addressed them.

Interested in this job?