Security Engineer, Vulnerability Management and Remediation Operations

Amazon is one of the world's largest and most complex technology ecosystems, focusing on customer trust and delivering delightful customer experiences.
Security
Mid-Level Software Engineer
In-Person
5,000+ Employees
2+ years of experience
Cybersecurity · Enterprise SaaS
This job posting may no longer be active. You may be interested in these related jobs instead:
Software Dev Engineer, AWS WAF Bot Control and Fraud Prevention

Software Development Engineer position at AWS focusing on WAF Bot Control and Fraud Prevention, building scalable security solutions for cloud infrastructure.

Software Development Engineer, AWS Global Services Security

AWS Global Services Security Engineering role focused on building transformative security services and enhancing security for AWS's global customer base.

Software Development Engineer II, Amazon Security Platform Engineering

Build and maintain Amazon's security platform using big data and distributed systems to protect Amazon's global infrastructure and customers.

Security Engineer II, AppSec Stores

Security Engineer role at Amazon Stores focusing on application security, threat modeling, and secure code review.

Security Engineer II, Stores Application Security

Security Engineer II position at Amazon Stores focusing on application security, threat modeling, and secure code review across diverse technology domains.

Description For Security Engineer, Vulnerability Management and Remediation Operations

Amazon Security is seeking a Security Engineer to join our Vulnerability Management and Remediation Operations (VMRO) team in London, UK. The VMRO team is responsible for discovering, assessing, triaging, detecting, and driving the remediation of vulnerabilities across the Amazon ecosystem.

Key responsibilities include:

  • Analyzing public and private vulnerability disclosures and exploit code
  • Assessing technical details and potential impact of vulnerabilities across Amazon's infrastructure, services, and applications
  • Investigating and triaging vulnerabilities, identifying severity and scope of potential impact
  • Supporting response and remediation efforts, assisting builder teams to fix security issues
  • Engineering high-quality, scalable, and accurate vulnerability detection mechanisms
  • Designing and implementing automation, tools, and workflows to enhance operations capabilities
  • Participating in periodic on-call responsibilities for continuous monitoring and remediation of vulnerabilities

The ideal candidate will have:

  • BS degree in Computer Science, Computer Engineering, Software Engineering, Cybersecurity or related technical degree; or 4+ years equivalent technology experience
  • 2+ years engineering experience in system, network, and/or application security or security product development
  • Deep knowledge of vulnerabilities, exploits, and vulnerability management systems
  • Experience developing vulnerability assessment tests, tools, and exploits in Python, Java, etc.
  • Experience building applications or systems on cloud-based services

Amazon Security values diverse experiences and encourages candidates from all backgrounds to apply. The team offers flexible work hours, ongoing DEI events, mentorship, and career growth opportunities. Join us in making a significant impact on the security of one of the world's largest technology ecosystems!

Last updated 5 months ago

Responsibilities For Security Engineer, Vulnerability Management and Remediation Operations

  • Analyse public and private vulnerability disclosures and exploit code
  • Deeply understand and assess the technical details and potential impact of vulnerabilities across Amazon's infrastructure, services, and applications
  • Investigate and triage vulnerabilities, identifying severity and the scope of potential impact to Amazon
  • Support response and remediation efforts, assisting builder teams to fix their security issues in a timely manner
  • Engineer high quality, scalable, and accurate vulnerability detection mechanisms
  • Design and implement automation, tools and workflows to enhance our operations capabilities
  • Be part of a global team and participate in periodic on-call responsibilities to ensure the continuous monitoring and remediation of vulnerabilities

Requirements For Security Engineer, Vulnerability Management and Remediation Operations

Python
Java
  • BS degree in Computer Science, Computer Engineering, Software Engineering, Cybersecurity or related technical degree; or 4+ years equivalent technology experience
  • 2 years engineering experience in system, network, and/or application security or the development of security products
  • 2 years experience improving accuracy of vulnerability detection mechanisms across a diverse technical ecosystem
  • 2 years experience and deep knowledge of vulnerabilities, exploits and vulnerability management systems
  • 2 years experience developing vulnerability assessment tests, tools and exploits in Python, Java, etc
  • 2 years experience building applications or systems on cloud-based services

Benefits For Security Engineer, Vulnerability Management and Remediation Operations

  • Flexible work hours
  • Ongoing DEI events
  • Mentorship
  • Career growth opportunities

Interested in this job?