Returning Candidate?

Security Engineer II

Security Engineer II

Job ID 
Company/Location (search) 
Posted Date 
Company Services, Inc.
Recruiting Team 

Job Description

The AWS Networking team is driving innovation in the area of Network Security and is seeking experienced security engineers to secure critical network infrastructure. At Amazon Web Services, we run one of the largest networks in the world and we believe that network security, availability and reliability are core to the success of our customers. It is our goal to build the most secure, scalable and reliable networking infrastructure platform for the world. In this role you have the unique opportunity to guide and develop innovative security products that require innovative ideas to address the massive global scale of Amazon’s worldwide retail and cloud infrastructure.

We are building next-generation network security products, tools and developing processes to identify vulnerabilities in this space. In your work you will be successful if you can analyze software designs and requirements, develop access policies, understand network architecture and work with disjoint data sets to compile information that is actionable by your team.

We are looking for experienced Security Engineers to ensure that our network infrastructure is built to the high standards required to maintain and enhance customer trust. If you enjoy analyzing networks, can think systemically at scale, like poking around in operating systems and think of how to protect applications from a security perspective; then this position will provide you with a challenging opportunity. You will participate in the design, build and deployment of security-focused infrastructure platforms as well as provide architectural review, risk analysis, vulnerability testing and security reviews of many elements of Amazon’s internal systems.
A Security Engineer II at Amazon is expected to be strong in multiple domains. Efficient time management skills are required along with the ability to deliver results in the face of uncertainty. A Security Engineer II will proactively share knowledge across the Amazon community and will be a key company resource in one or more of the core areas of security. They will lead security reviews of large Amazon projects while setting standards and defining best practices for AWS networking and security automation software teams.

Engineers in this role must show exemplary judgment in making technical trade-offs between short versus long term security and business goals. They must also demonstrate resilience and navigate difficult situations with composure and tact. Conflicts should be addressed by listening, finding the best way forward and persuading one’s colleagues. Successful engineers in this role will regularly analyze their own performance with a critical eye. A broad understanding of the AWS business and its interconnections is required and this must be acquired quickly and maintained over time. This position will also provide training, advice, and mentorship to successful candidates and it is expected that individuals in this role will get work done through other engineers within the organization.

Responsibilities include:
  • Identify security issues and risks and produce mitigation plans to resolve issues
  • Gather and specify requirements to assist software teams during design and development of new security tools.
  • Rank and prioritize software engineering features that add the most business value to build customer trust
  • Perform risk assessment and threat modeling
  • Detect and work with teams to correct vulnerabilities in critical infrastructure
  • Develop security policies and procedures specific to networking teams
  • Learn and be curious by evaluating and recommending new and emerging security products and technologies and leverage these on a global scale
  • Develop and deliver training materials and perform security awareness and security technology training
  • Deliver results by working with internal compliance teams to provide evidence for PCIDSS, SOC, ITAR audits
  • Participate in an on call rotation and security escalations
  • Participate in projects that allow builders to create invented here technology
  • Represent the network infrastructure organization within the internal Amazon community of security engineers, networking teams and service teams.

Basic Qualifications

  • Bachelor’s Degree in Computer Science, or equivalent
  • At least 2 years of experience in system, network and/or application security engineering
  • At least 1 year of experience participating in compliance audits (PCI-DSS, SOC, FedRamp)
  • Knowledge of Internet protocols (e.g., TCP/IP, BGP, OSPF, TACACS, IPSEC, SNMP, SYSLOG and other protocols

Preferred Qualifications

  • Comfortable working with a POSIX-compliant operating system
  • Scripting experience in dynamic languages (e.g., Perl, Python, Ruby, shell scripting) and able to provide situational evidence of solving a real problem using automation
  • Detailed knowledge of system security vulnerabilities and remediation techniques, including penetration testing and the development of exploits
  • At least 1 year of experience involved (in a development, QA testing, or security role) with software team(s) that delivered production software
  • Experience with complex systems and software architectures
  • Experience with reverse engineering
  • Demonstrable teamwork skills and resourcefulness
  • Strong sense of ownership, urgency, and drive
  • Experience providing training and mentorship
  • Advanced knowledge and understanding of security engineering, system and network security, authentication and security protocols, cryptography, and application security
  • Experience with service-oriented architecture and web services security
  • Experience with the application of threat modeling or other risk identification techniques
  • Sharp analytical abilities and proven design skills
  • Excellent written and verbal communication skills
  • Excellent leadership skills and teamwork skills

Amazon is an Equal Opportunity-Affirmative Action Employer – Minority / Female / Disability / Veteran / Gender Identity / Sexual Orientation.