Security Engineer, Vulnerability Management and Remediation Operations

Amazon

Amazon is one of the world's largest and most complex technology ecosystems, focusing on customer trust and delivering delightful customer experiences.

London, UK

Security

Mid-Level Software Engineer

In-Person

5,000+ Employees

2+ years of experience

Cybersecurity · Enterprise SaaS

This job posting may no longer be active. You may be interested in these related jobs instead:

Security Program Manager, DC Security

Amazon

Security Program Manager role at AWS focusing on data center security systems management, implementation, and maintenance in Israel.

Software Development Engineer II (SDE-2)

Amazon

AWS Security seeks SDE-II to build and innovate on large-scale security management platforms, offering opportunity to work with cutting-edge technology and mentor others.

Security Engineer, Dedicated Security Team

Amazon

Security Engineer role at Amazon focusing on protecting infrastructure, managing security services, and leading security diligence for acquisitions.

SDE II, Kuiper Secure Communications Team

Amazon

SDE II position at Amazon's Project Kuiper, focusing on satellite communication security and working with cutting-edge space technology.

Software Dev Engineer, AWS WAF Bot Control and Fraud Prevention

Amazon

Software Development Engineer position at AWS focusing on WAF Bot Control and Fraud Prevention, building scalable security solutions for cloud infrastructure.

Description For Security Engineer, Vulnerability Management and Remediation Operations

Amazon Security is seeking a Security Engineer to join our Vulnerability Management and Remediation Operations (VMRO) team in London, UK. The VMRO team is responsible for discovering, assessing, triaging, detecting, and driving the remediation of vulnerabilities across the Amazon ecosystem.

Key responsibilities include:

Analyzing public and private vulnerability disclosures and exploit code
Assessing technical details and potential impact of vulnerabilities across Amazon's infrastructure, services, and applications
Investigating and triaging vulnerabilities, identifying severity and scope of potential impact
Supporting response and remediation efforts, assisting builder teams to fix security issues
Engineering high-quality, scalable, and accurate vulnerability detection mechanisms
Designing and implementing automation, tools, and workflows to enhance operations capabilities
Participating in periodic on-call responsibilities for continuous monitoring and remediation of vulnerabilities

The ideal candidate will have:

BS degree in Computer Science, Computer Engineering, Software Engineering, Cybersecurity or related technical degree; or 4+ years equivalent technology experience
2+ years engineering experience in system, network, and/or application security or security product development
Deep knowledge of vulnerabilities, exploits, and vulnerability management systems
Experience developing vulnerability assessment tests, tools, and exploits in Python, Java, etc.
Experience building applications or systems on cloud-based services

Amazon Security values diverse experiences and encourages candidates from all backgrounds to apply. The team offers flexible work hours, ongoing DEI events, mentorship, and career growth opportunities. Join us in making a significant impact on the security of one of the world's largest technology ecosystems!

Last updated 5 months ago

Responsibilities For Security Engineer, Vulnerability Management and Remediation Operations

Analyse public and private vulnerability disclosures and exploit code
Deeply understand and assess the technical details and potential impact of vulnerabilities across Amazon's infrastructure, services, and applications
Investigate and triage vulnerabilities, identifying severity and the scope of potential impact to Amazon
Support response and remediation efforts, assisting builder teams to fix their security issues in a timely manner
Engineer high quality, scalable, and accurate vulnerability detection mechanisms
Design and implement automation, tools and workflows to enhance our operations capabilities
Be part of a global team and participate in periodic on-call responsibilities to ensure the continuous monitoring and remediation of vulnerabilities

Requirements For Security Engineer, Vulnerability Management and Remediation Operations

Python

Java

BS degree in Computer Science, Computer Engineering, Software Engineering, Cybersecurity or related technical degree; or 4+ years equivalent technology experience
2 years engineering experience in system, network, and/or application security or the development of security products
2 years experience improving accuracy of vulnerability detection mechanisms across a diverse technical ecosystem
2 years experience and deep knowledge of vulnerabilities, exploits and vulnerability management systems
2 years experience developing vulnerability assessment tests, tools and exploits in Python, Java, etc
2 years experience building applications or systems on cloud-based services

Benefits For Security Engineer, Vulnerability Management and Remediation Operations

Flexible work hours
Ongoing DEI events
Mentorship
Career growth opportunities

Amazon

Amazon is one of the world's largest and most complex technology ecosystems, focusing on customer trust and delivering delightful customer experiences.

London, UK

Security

Mid-Level Software Engineer

In-Person

5,000+ Employees

2+ years of experience

Cybersecurity · Enterprise SaaS

Amazon

Write a FizzBuzz program from 1 to 100. Print “Fizz” for multiples of three, “Buzz” for multiples of five, and “FizzBuzz” for multiples of both. How would you handle variations of the prompt, such as user-defined limits or words to print, or gracefully handle invalid input? Explain your approach and assumptions made.

Data Structures & AlgorithmsEasy

Write a program that prints the numbers from 1 to 100. But for multiples of three print “Fizz” instead of the number and for the multiples of five print “Buzz”. For numbers which are multiples of both three and five print “FizzBuzz”. Details: Your solution should be runnable and demonstrate the output. Focus on clean, readable code. Consider edge cases and error handling (though not strictly required for this basic version). Provide a brief explanation of your approach and any assumptions you made. Example: 1 2 Fizz 4 Buzz Fizz 7 8 Fizz Buzz 11 Fizz 13 14 FizzBuzz ... Variations (optional, for a more challenging exercise): Allow the user to input the upper limit of the range (instead of always going to 100). Allow the user to input the numbers to use for Fizz and Buzz (instead of always using 3 and 5). Allow the user to input the words to use for Fizz and Buzz (instead of always using Fizz and Buzz). Handle invalid inputs gracefully. This question assesses a candidate's basic programming skills, understanding of loops and conditional statements, and ability to write clean, understandable code. The variations allow for exploring error handling, input validation, and more flexible program design.

Arrays

Strings

Two Pointers

Stacks

Binary Search

Sliding Windows

Linked Lists

Trees

Recursion

Graphs

Dynamic Programming

Greedy Algorithms

Bit Manipulation

Database Problems

Amazon

Design a turnstile with locked and unlocked states, and implement insert_token() and push() methods.

System DesignHard

Let's design a turnstile. A turnstile is a type of gate which allows one person to pass at a time. Consider a turnstile at a subway station. There are two panels that rotate to allow a single person passage. The turnstile has two states, Locked and Unlocked, and the customer can either Push the turnstile or Insert a token/card. Here is the state transition table: | Event | Current State | Action | Next State | | :----- | :------------ | :------------- | :--------- | | Push | Locked | | Locked | | Token | Locked | Unlock | Unlocked | | Push | Unlocked | Pass through | Locked | | Token | Unlocked | (discarded) | Unlocked | Requirements: Model the state and behavior of a simple turnstile. Implement two methods: insert_token() push() Consider edge cases and error handling. What happens if someone tries to push without inserting a token? What happens if the system malfunctions? Example: turnstile = Turnstile() print(turnstile.state) # Output: Locked turnstile.push() print(turnstile.state) # Output: Locked turnstile.insert_token() print(turnstile.state) # Output: Unlocked turnstile.push() print(turnstile.state) # Output: Locked How would you approach this design and implementation, keeping in mind scalability, maintainability, and potential future extensions such as different types of tokens or remote unlocking?

Database Problems

Arrays

Strings

Two Pointers

Stacks

Binary Search

Sliding Windows

Linked Lists

Trees

Recursion

Graphs

Dynamic Programming

Greedy Algorithms

Bit Manipulation

Amazon

Tell me about yourself

Behavioral

Tell me about yourself. To give you some guidance, please share information beyond just your resume. For example, what are you passionate about, what motivates you, and what are some of your long-term career goals? Think about some significant accomplishments you are proud of and how those experiences have shaped you. What makes you a unique candidate and a good fit for our company, beyond your technical skills? I'm looking for a comprehensive overview of who you are, both professionally and personally.

Interested in this job?