Senior Security Engineer, AWS Vulnerability Management

Amazon Web Services (AWS) is searching for a dedicated and innovative Senior Security Engineer for our AWS Security Vulnerability Management team. At AWS, security is our top priority; we actively create new security services that enable and automate robust security solutions at an unparalleled scale. Our team is driven by data, sets ambitious goals, and consistently challenges ourselves to enhance security at AWS. In this role, you will collaborate with a team of security engineers to tackle complex security challenges with tangible impacts on our customers. Our initiatives span all of AWS, providing opportunities to engage with product teams, industry experts, security partners, and organizational leaders. You will develop and take ownership of software solutions, addressing ambiguous technical problems. Key Responsibilities: Design and implement solutions to identify software-based risks in AWS services. Conduct vulnerability and impact assessments considering various factors. Analyze and report on large datasets. Work collaboratively with other software and security engineers to create solutions for complex security challenges. Investigate large datasets for potential risks and perform severity assessments of software vulnerabilities. Collaborate with software teams to contextualize findings and adjust risk scores accordingly. Automate processes to enhance efficiency and operational throughput. Partner with teams to propose and implement risk mitigation measures at scale. A Day in the Life: Start by assessing vulnerabilities and security architecture across our fleet of corporate devices and servers. Enhance scanning methodologies and remediation strategies in collaboration with various product teams. Conduct in-depth sessions with system owners to refine automation processes and minimize false positives. Mentor junior engineers on security evaluations for corporate assets and containerized environments. Develop key performance indicators to monitor security improvements and builder impact reduction. Update runbooks and strategize on elevating security standards while minimizing efforts for builder teams across diverse asset types. About Our Team: At Amazon Security, we value diverse experiences and encourage all candidates to apply, even if they do not meet every requirement. We believe that varied backgrounds and perspectives contribute to our team's strength. Why Join Us? Security is pivotal in maintaining customer trust at Amazon. Our organization is committed to upholding a high standard of security across all Amazon's offerings. We provide ample opportunities for talented security professionals to enhance their careers across various domains, including cloud, devices, retail, entertainment, and more. Inclusive Culture: In Amazon Security, we prioritize continuous learning and embrace diversity of thought. Addressing security challenges effectively requires a rich mix of ideas and perspectives. Career Growth: We continually strive to lift our performance standards, offering extensive knowledge-sharing and training resources to help you evolve into a better-rounded professional. Work-Life Balance: We believe success at work should not compromise your personal life. Flexible work hours and arrangements are integral to our culture, ensuring a supportive environment for all employees. Basic Qualifications: 6+ years of experience in security issue identification and risk mitigation. 4+ years in network, system, or software architecture with a focus on security tools and services. 4+ years of scripting or programming experience (e.g., in Ruby, Python, Shell, Java, C/C++, Perl, etc.). 2+ years' experience in cryptography, network protocols, threat modeling, or vulnerability assessments. Preferred Qualifications: Understanding of cloud computing services and deployment architectures. Innovative security approaches in non-traditional IT environments. Experience in generating automated metrics for service effectiveness. Strong communication skills to convey complex information effectively. Experience in developing security products. Compensation: The base pay for this position ranges from $143,300/year to $247,600/year based on geographic location, expertise, and experience levels. Total compensation may also include equity, sign-on bonuses, and a comprehensive benefits package. This position will remain posted until filled. Interested candidates should apply through our career site.