Security Engineer, Specialized Business Services Security, Vulnerability Management
Description For Security Engineer, Specialized Business Services Security, Vulnerability Management
Amazon's Specialized Business Services Security team is seeking a Security Engineer for their Vulnerability Management Team. This role focuses on detection, assessment, triage, and remediation of vulnerabilities across Amazon's innovative Devices and Services. The position offers an opportunity to work with diverse security scanning tools and enhance vulnerability detection capabilities throughout the Software Development Lifecycle (SDLC).
The role combines technical expertise in security with strategic thinking, requiring skills in automated detection tools, vulnerability analysis, and secure development practices. You'll partner with development teams to drive security improvements at scale, working with SAST, DAST, and SCA tools while analyzing both public and private vulnerability disclosures.
Amazon Security values diverse experiences and maintains a high bar for security across all products and services. The team offers opportunities to build experience in various areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores. The culture emphasizes continuous learning, diversity, and work-life harmony.
The position offers competitive compensation ranging from $136,000 to $212,800 per year, depending on location and experience, plus additional benefits including medical coverage and career development opportunities. The role requires 3+ years of relevant experience and offers the chance to work on critical security challenges while contributing to Amazon's mission of being Earth's Best Employer.
This is an excellent opportunity for security professionals who want to make a significant impact on product security at scale while working with cutting-edge technologies and diverse teams. The role combines technical depth with strategic thinking, offering both challenge and growth potential in a supportive, inclusive environment.
Responsibilities For Security Engineer, Specialized Business Services Security, Vulnerability Management
- Developing and tuning custom, open source and third-party high quality automated detection tools
- Reviewing output of automated detection tools for accuracy
- Analyzing public and private vulnerability disclosures to analyze impact on Amazon Devices and Services
- Providing actionable long-term risk prioritization and mitigation guidance
- Proposing mechanisms for integrating security detection tools into the development lifecycle
- Collaborate with partners across Amazon to develop scalable solutions to security problems
Requirements For Security Engineer, Specialized Business Services Security, Vulnerability Management
- 3+ years of programming in Python, Ruby, Go, Swift, Java, .Net, C++ or similar object oriented language experience
- Experience with threat modeling, secure coding, identity management and authentication, software development, cryptography, system administration and network security
- Bachelor's degree in computer science or equivalent
- 3+ years hands-on experience in Vulnerability Management, Product Security and/or Application Security
Benefits For Security Engineer, Specialized Business Services Security, Vulnerability Management
- Medical, financial, and other benefits
- Training and career growth opportunities
- Work-life balance
- Flexible working culture
- Ongoing DEI events and learning experiences
