Senior Penetration Tester, AWS Security - ADC
Herndon, Virginia
Employer: Amazon
Industry: Systems, Quality, \u0026 Security Engineering
Salary: Competitive
Job type: Full-Time
AWS Security is looking for a Red Team Senior Security Engineer to help ensure that our systems and processes are secured against the latest threats. You will be on a team responsible for conducting offensive campaigns, emergent threat testing, creating/maintaining automated threat emulation solutions, and helping security and service teams add offensive insight to their development, deployment, monitoring, and response processes. Offensive security at scale is a unique challenge - AWS possesses both scale of systems and scale of staff and processes. This position will provide you with a challenging opportunity.
A Security Engineer at Amazon is expected to be strong in multiple domains. This is a leadership role within the AWS IT Security team and will be sought out for advice on technical and business issues. Efficient time management skills are required along with the ability to deliver results in the face of uncertainty. A Security Engineer will proactively share knowledge across the Amazon community and will be a key company resource in one or more of the core areas of security. They will lead security reviews of large Amazon projects while setting standards and defining best practices for the AWS IT Security team.
Engineers in this role must show exemplary judgment in making technical trade-offs between short versus long term security and business goals. They must also demonstrate resilience and navigate difficult situations with composure and tact. Conflicts should be addressed by listening, finding the best way forward and persuading one's colleagues. Successful engineers in this role will regularly analyze their own performance with a critical eye. A broad understanding of the AWS business and its interconnections is required. This position will also provide training, advice, and mentorship to other engineers throughout AWS.
This role will be expected to provide thought leadership for the organization as you invent and innovate in the course of your duties.
This position requires that the candidate selected be a US Citizen and must currently possess and maintain an active TS/SCI security clearance with polygraph.
Key job responsibilities
* Vulnerability Identification and Tracking
* Offensive security testing & vulnerability research
* Emergent threat testing
* Creating/maintaining automated threat emulation solutions
* Recommendation of findings and threat mitigations
* Produce high quality red team reports
* Projects and research work as needed
* Security training and outreach to internal development teams
* Security guidance documentation
* Security tool development
* Security metrics delivery and improvements
* Assistance with recruiting activities
About the team
Our team is dedicated to supporting new team members. Our team has a broad mix of experience levels and Amazon tenures, and we're building an environment that celebrates knowledge sharing and mentorship.
Here at AWS, we embrace our differences. We are committed to furthering our culture of inclusion. We have ten employee-led affinity groups, reaching 40,000 employees in over 190 chapters globally. We have innovative benefit offerings, and we host annual and ongoing learning experiences, including our Conversations on Race and Ethnicity (CORE) and AmazeCon (gender diversity) conferences. Amazon's culture of inclusion is reinforced within our 16 Leadership Principles, which remind team members to seek diverse perspectives, learn and be curious, and earn trust.
Our team also puts a high value on work-life balance. Striking a healthy balance between your personal and professional life is crucial to your happiness and success here, which is why we aren't focused on how many hours you spend at work or online. Instead, we're happy to offer a flexible schedule so you can have a more productive and well-balanced life-both in and outside of work.
BASIC QUALIFICATIONS
- BS in Computer Science or related field, or equivalent work experience
- 5 + years of experience with red teaming, vulnerability testing, and/or auditing techniques
- 5 + years of security engineering, system and network security, authentication and security protocols, security operations, and application security
- Current, active US Government Security Clearance of TS/SCI with Polygraph
PREFERRED QUALIFICATIONS
- Domain expertise in at least 3 of: security architecture and engineering, communication and network security, identity and access management (IAM), security assessment and testing, software development security, and security operations.
- Experience with driving large, company-wide initiatives
- Experience managing customer relationships, expectations, deliverables
- Expert level understanding in at least one core area of Information Security
- Experience using various penetration testing tools (such as, BurpSuite, Metasploit, Nessus, Cobalt Strike, etc.) on Windows and Linux
- Experience with multiple programming languages (such as, Java, C++, C#), especially scripting languages (such as, Python, Ruby, Perl, etc.)
- Experience with reverse engineering
- Understanding of mobile device security
- Experience providing training and mentorship Amazon is committed to a diverse and inclusive workplace.
Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit https://www.amazon.jobs/en/disability/us.
A Security Engineer at Amazon is expected to be strong in multiple domains. This is a leadership role within the AWS IT Security team and will be sought out for advice on technical and business issues. Efficient time management skills are required along with the ability to deliver results in the face of uncertainty. A Security Engineer will proactively share knowledge across the Amazon community and will be a key company resource in one or more of the core areas of security. They will lead security reviews of large Amazon projects while setting standards and defining best practices for the AWS IT Security team.
Engineers in this role must show exemplary judgment in making technical trade-offs between short versus long term security and business goals. They must also demonstrate resilience and navigate difficult situations with composure and tact. Conflicts should be addressed by listening, finding the best way forward and persuading one's colleagues. Successful engineers in this role will regularly analyze their own performance with a critical eye. A broad understanding of the AWS business and its interconnections is required. This position will also provide training, advice, and mentorship to other engineers throughout AWS.
This role will be expected to provide thought leadership for the organization as you invent and innovate in the course of your duties.
This position requires that the candidate selected be a US Citizen and must currently possess and maintain an active TS/SCI security clearance with polygraph.
Key job responsibilities
* Vulnerability Identification and Tracking
* Offensive security testing & vulnerability research
* Emergent threat testing
* Creating/maintaining automated threat emulation solutions
* Recommendation of findings and threat mitigations
* Produce high quality red team reports
* Projects and research work as needed
* Security training and outreach to internal development teams
* Security guidance documentation
* Security tool development
* Security metrics delivery and improvements
* Assistance with recruiting activities
About the team
Our team is dedicated to supporting new team members. Our team has a broad mix of experience levels and Amazon tenures, and we're building an environment that celebrates knowledge sharing and mentorship.
Here at AWS, we embrace our differences. We are committed to furthering our culture of inclusion. We have ten employee-led affinity groups, reaching 40,000 employees in over 190 chapters globally. We have innovative benefit offerings, and we host annual and ongoing learning experiences, including our Conversations on Race and Ethnicity (CORE) and AmazeCon (gender diversity) conferences. Amazon's culture of inclusion is reinforced within our 16 Leadership Principles, which remind team members to seek diverse perspectives, learn and be curious, and earn trust.
Our team also puts a high value on work-life balance. Striking a healthy balance between your personal and professional life is crucial to your happiness and success here, which is why we aren't focused on how many hours you spend at work or online. Instead, we're happy to offer a flexible schedule so you can have a more productive and well-balanced life-both in and outside of work.
BASIC QUALIFICATIONS
- BS in Computer Science or related field, or equivalent work experience
- 5 + years of experience with red teaming, vulnerability testing, and/or auditing techniques
- 5 + years of security engineering, system and network security, authentication and security protocols, security operations, and application security
- Current, active US Government Security Clearance of TS/SCI with Polygraph
PREFERRED QUALIFICATIONS
- Domain expertise in at least 3 of: security architecture and engineering, communication and network security, identity and access management (IAM), security assessment and testing, software development security, and security operations.
- Experience with driving large, company-wide initiatives
- Experience managing customer relationships, expectations, deliverables
- Expert level understanding in at least one core area of Information Security
- Experience using various penetration testing tools (such as, BurpSuite, Metasploit, Nessus, Cobalt Strike, etc.) on Windows and Linux
- Experience with multiple programming languages (such as, Java, C++, C#), especially scripting languages (such as, Python, Ruby, Perl, etc.)
- Experience with reverse engineering
- Understanding of mobile device security
- Experience providing training and mentorship Amazon is committed to a diverse and inclusive workplace.
Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit https://www.amazon.jobs/en/disability/us.
Created: 2024-08-30
Reference: 2747333
Country: United States
State: Virginia
City: Herndon
About Amazon
Founded in: 1994
Number of Employees: 1600000
Website: https://www.amazon.com/
Career site: https://www.amazon.jobs/en/
Instagram: https://www.instagram.com/amazon/
LinkedIn: https://www.linkedin.com/company/amazon/
Facebook: https://www.facebook.com/Amazon
Similar jobs:
-
Software Development Engineer, AWS Security, Amazon Optics
Amazon in Arlington, Virginia💸 $129300 per year -
Senior Security Engineer, Research and Automation, AWS Security Operations, Security Operations
Amazon in Herndon, Virginia -
Manager - AWS Application Security, AWS Proactive Security
Amazon in Arlington, Virginia💸 $157600 per year -
Software Development Engineer, AWS Security
Amazon in Herndon, Virginia -
Business Development Lead, Security and Compliance, AWS Security Assurance Services
Amazon in Arlington, Virginia💸 $83100 per year -
Senior Security Consultant, AWS Professional Services
Amazon in Arlington, Virginia💸 $138200 per year -
Security Engineer, Software Engineering, AWS Security Operations Centre (SOC)
Amazon in Herndon, Virginia💸 $125500 per year -
Sr Security Intel Specialist, AWS Security
Amazon in Arlington, Virginia -
Security Communications Specialist, AWS Security Messaging
Amazon in Herndon, Virginia💸 $114500 per year -
Senior Security Engineer, AWS Proactive Security
Amazon in Herndon, Virginia💸 $143300 per year -
Sr. SDE, AWS Security
Amazon in Herndon, Virginia -
Software Development Engineer, AWS Proactive Security Detective Tooling
Amazon in Arlington, Virginia -
AWS Cloud Response Senior Security Engineer, AWS Security Operations
Amazon in Herndon, Virginia -
AWS Security Controls Manager, Security Assurance
Amazon in Herndon, Virginia -
Security Engineer, AWS Security Operations Center (SOC)
Amazon in Herndon, Virginia -
Technical Program Manager, AWS Security Assurance
Amazon in Arlington, Virginia💸 $114500 per year -
Senior Technical Program Manager, AWS Security Assurance
Amazon in Arlington, Virginia💸 $133900 per year -
Security Engineer, AWS Proactive Security
Amazon in Arlington, Virginia💸 $136000 per year -
Software Development Engineer II, AWS Security Gatekeepers
Amazon in Herndon, Virginia💸 $129300 per year -
Software Development Engineer, AWS Security
Amazon in Herndon, Virginia