What you’ll do:
You demonstrate a breadth and depth of knowledge in the following disciplines:
- You recognize, adopt, utilize and teach best practices in security engineering: secure development, cryptography, network security, security operations, systems security, policy, and incident response.
- You have appropriate technical skills required by your role and area of specialty: software development, network engineering, systems engineering, cryptography or a combination of all.
- You have a capacity and tolerance for extreme context switching and interruptions while remaining productive and able to provide effective, safe guidance.
- You participate in efforts to promote security throughout the Company.
- You help teams throughout the Company develop pragmatic solutions that achieve business requirements while maintaining an acceptable level of risk.
- You solve problems at their root, stepping back to understand the broader context.
- You maintain an understanding of the Internet threat environment and how it affects the company.
- You work to find and fix flaws in existing company systems and sites.
- You understand the current state of network and application security tools and how they can benefit the company.
- You keep your knowledge and skills current to keep up with the rapidly changing threat landscape.
- You participate in efforts that create and improve the company’s security policies.
You work in a team, driving things forward and exhibiting the following characteristics:
- You collaborate to ensure that decisions are based on the merit of the proposal, not the proposer. When none of the proposals is the obvious winner, you are still decisive, able to disagree and commit to the team’s decision.
- You can work under extended, extreme pressure, handle situations calmly and lead incident response teams effectively.
- You continue to move forward in the face of ambiguity and imperfect knowledge. You do not suffer from “analysis paralysis”.
- You build good working relationships within the team and with others across Amazon by developing and earning the trust of others.
- You proactively support knowledge sharing within the team and across the company.
- You communicate clearly both verbally and in writing with your team and with other groups. You listen effectively.
- Bachelor’s Degree in Computer Science or similar field
- Minimum 5 years in Application Security analysis, assessments, and remediation
- 4+ years of application security experience
- Linux operating system development
- Experience with hardware virtualization technologies
- Solid knowledge of data structures, algorithms, and designing for performance, scalability, and availability
- Programming in C, C++, Java, Python, Perl, and/or Ruby
- Internet and operating system security fundamentals
- Sharp analytical abilities and proven design skills
- Strong sense of ownership, urgency, and drive
- Demonstrated ability to achieve stretch goals in a highly innovative and fast paced environment
- Experience with network protocols a plus Participate in product and technology initiatives and recommend improvements
- Contribute to the risk identifiction and make recommendations to reduce those risks