Audible
Join to apply for the
Security Engineer, Audible Security
role at
Audible Get AI-powered advice on this job and more exclusive features. Description At Audible, we believe stories have the power to transform lives. Its why we work with some of the worlds leading creators to produce and share audio storytelling with our millions of global listeners. We are dreamers and inventors who come from a wide range of backgrounds and experiences to empower and inspire each other. Imagine your future with us. About This Role As a Security Engineer at Audible, you will advocate for information security throughout all our software development and business processes. You will work with other Security Engineers, Application Developers, System Engineers, and Business Stakeholders to protect our customers and Audibles business. About The Team Audible Information Security team is looking for an experienced Security Engineering Leader to join our world-class team. We are obsessed with protecting customer trust. We are a hands-on team working to protect our computer networks, servers, applications, and data assets. As a Security Engineer, you will... Contribute to designing, implementing, and executing security review and test methodologies for recurring testing of critical production services Partner with service teams to ensure risks are remediated Conduct design review, threat modeling, security review, and penetration testing on production systems Scope and perform penetration testing and vulnerability research on complex proprietary software and hardware Collaborate with internal development teams at Audible and Amazon to enhance security tooling and functionality at scale Prepare and present detailed, written technical information for internal and external audiences Participate in third-party security risk assessments and due diligence (including helping to secure third-party integrations and partnerships) Provide guidance on risk, compliance, and policy to technical and non-technical internal customers, including security training and outreach to internal teams and external supply chain partners About Audible Audible is the leading producer and provider of audio storytelling. We spark listeners imaginations, offering immersive, cinematic experiences full of inspiration and insight to enrich our customers daily lives. We are a global company with an entrepreneurial spirit. We are dreamers and inventors who are passionate about the positive impact Audible can make for our customers and our neighbors. This spirit supports a culture of creativity and inclusion built on our People Principles and our mission to build more equitable communities in the cities we call home. Basic Qualifications Bachelor's degree in Computer Science or related field or equivalent experience 5+ years of relevant work experience, such as application security reviews, security engineering, security analysis, incident response, third-party security and risk assessments, data loss prevention, insider threat Experience using standard Security Assessment and Penetration Testing tools such as BurpSuite Knowledge of information security principles and the CBK domains and core technologies (CIA, encryption, identity, authN/authZ, SSO, web protocols, privacy) Experience advocating security best practices for third-party integrations (e.g., with SaaS solutions, third-party libraries) Preferred Qualifications Experience working with development teams and explaining remediation to product owners Experience working with business teams and senior stakeholders, articulating risks clearly in non-technical terms Demonstrated judgment, integrity, business acumen, and communication skills Understanding of threat modeling and risk identification techniques Knowledge of web application and system security vulnerabilities and remediation Proficiency in auditing Java code for bugs Strong scripting skills in Perl, Python, or Java Familiarity with attack patterns and exploitation techniques Experience with Security Engineering methodologies like fuzzing and static/dynamic code analysis Ability to develop exploits for common vulnerabilities Experience with AWS or similar cloud platforms Experience designing technical security controls at the business level Understanding security challenges faced by large multinational companies Participation in Bug Bounty programs Amazon is an equal opportunity employer and does not discriminate on protected veteran status, disability, or other legally protected statuses. If you need accommodations during the application or interview process, please visit this link. #J-18808-Ljbffr
Security Engineer, Audible Security
role at
Audible Get AI-powered advice on this job and more exclusive features. Description At Audible, we believe stories have the power to transform lives. Its why we work with some of the worlds leading creators to produce and share audio storytelling with our millions of global listeners. We are dreamers and inventors who come from a wide range of backgrounds and experiences to empower and inspire each other. Imagine your future with us. About This Role As a Security Engineer at Audible, you will advocate for information security throughout all our software development and business processes. You will work with other Security Engineers, Application Developers, System Engineers, and Business Stakeholders to protect our customers and Audibles business. About The Team Audible Information Security team is looking for an experienced Security Engineering Leader to join our world-class team. We are obsessed with protecting customer trust. We are a hands-on team working to protect our computer networks, servers, applications, and data assets. As a Security Engineer, you will... Contribute to designing, implementing, and executing security review and test methodologies for recurring testing of critical production services Partner with service teams to ensure risks are remediated Conduct design review, threat modeling, security review, and penetration testing on production systems Scope and perform penetration testing and vulnerability research on complex proprietary software and hardware Collaborate with internal development teams at Audible and Amazon to enhance security tooling and functionality at scale Prepare and present detailed, written technical information for internal and external audiences Participate in third-party security risk assessments and due diligence (including helping to secure third-party integrations and partnerships) Provide guidance on risk, compliance, and policy to technical and non-technical internal customers, including security training and outreach to internal teams and external supply chain partners About Audible Audible is the leading producer and provider of audio storytelling. We spark listeners imaginations, offering immersive, cinematic experiences full of inspiration and insight to enrich our customers daily lives. We are a global company with an entrepreneurial spirit. We are dreamers and inventors who are passionate about the positive impact Audible can make for our customers and our neighbors. This spirit supports a culture of creativity and inclusion built on our People Principles and our mission to build more equitable communities in the cities we call home. Basic Qualifications Bachelor's degree in Computer Science or related field or equivalent experience 5+ years of relevant work experience, such as application security reviews, security engineering, security analysis, incident response, third-party security and risk assessments, data loss prevention, insider threat Experience using standard Security Assessment and Penetration Testing tools such as BurpSuite Knowledge of information security principles and the CBK domains and core technologies (CIA, encryption, identity, authN/authZ, SSO, web protocols, privacy) Experience advocating security best practices for third-party integrations (e.g., with SaaS solutions, third-party libraries) Preferred Qualifications Experience working with development teams and explaining remediation to product owners Experience working with business teams and senior stakeholders, articulating risks clearly in non-technical terms Demonstrated judgment, integrity, business acumen, and communication skills Understanding of threat modeling and risk identification techniques Knowledge of web application and system security vulnerabilities and remediation Proficiency in auditing Java code for bugs Strong scripting skills in Perl, Python, or Java Familiarity with attack patterns and exploitation techniques Experience with Security Engineering methodologies like fuzzing and static/dynamic code analysis Ability to develop exploits for common vulnerabilities Experience with AWS or similar cloud platforms Experience designing technical security controls at the business level Understanding security challenges faced by large multinational companies Participation in Bug Bounty programs Amazon is an equal opportunity employer and does not discriminate on protected veteran status, disability, or other legally protected statuses. If you need accommodations during the application or interview process, please visit this link. #J-18808-Ljbffr