Senior Security Engineer, ReSec Red Team

Description

AWS Utility Computing (UC) provides product innovations — from foundational services such as Amazon’s Simple Storage Service (S3) and Amazon Elastic Compute Cloud (EC2), to consistently released new product innovations that continue to set AWS’s services and features apart in the industry. As a member of the UC organization, you’ll support the development and management of Compute, Database, Storage, Internet of Things (Iot), Platform, and Productivity Apps services in AWS. Within AWS UC, Amazon Dedicated Cloud (ADC) roles engage with AWS customers who require specialized security solutions for their cloud services.

The ReSec Red Team members participate in security research and review, penetration testing, threat modeling and design. We are looking for a Senior Security Engineer with a focus on database security to help ensure our services and applications are designed and implemented to the highest security standards. We need individuals who are passionate about security and vulnerability research as well as database technologies.

A day in the life

• Diverse Experiences
  
  

Amazon values diverse experiences. Even if you do not meet all of the preferred qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.

• Why AWS
  
  

Amazon Web Services (AWS) is the world’s most comprehensive and broadly adopted cloud platform. We pioneered cloud computing and never stopped innovating — that’s why customers from the most successful startups to Global 500 companies trust our robust suite of products and services to power their businesses.

• Work/Life Balance
  
  

We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why flexible work hours and arrangements are part of our culture. When we feel supported in the workplace and at home, there’s nothing we can’t achieve in the cloud.

• Inclusive Team Culture
  
  

Here at AWS, it’s in our nature to learn and be curious. Our employee-led affinity groups foster a culture of inclusion that empower us to be proud of our differences. Ongoing events and learning experiences, including our Conversations on Race and Ethnicity (CORE) and AmazeCon (gender diversity) conferences, inspire us to never stop embracing our uniqueness.

• Mentorship and Career Growth
  
  

We’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, mentorship and other career-advancing resources here to help you develop into a better-rounded professional.

Basic Qualifications

6+ years' experience in software security (vulnerability research, penetration testing, etc)

Bachelors' degree in Computer Science or similar field or equivalent work experience.

4+ years experience working in a linux environment

4+ years of working knowledge of at least one scripting language (shell, Python, Perl).

3+ years working with at least one relational databases with the focus on user and role management, authentication/authorization and network protocol

Preferred Qualifications

Passionate about computer security and desire to explore and find security issues (“break things”).

Experience performing or supporting Red Team engagements / penetration testing

Participation in computer security competitions (CTFs), Bug Bounty programs, opensource security research, CVE analysis

Domain expertise in at least 3 of: security architecture and engineering, communication and network security, identity and access management (IAM), security assessment and testing, cryptography, and software development security.

A data-driven and quantitative mentality—you excel in supporting ideas with available evidence.

Experience with the design and implementation of technical security controls at the business division level.

Experience engineering, administering or managing at least one relational database engine, preferably MySQL/MariaDB or PostgreSQL

Experience with AWS or similar enterprise cloud computing platforms.

Experience with full-stack (Linux / Unix) software architectures from UI to infrastructure.

Working knowledge of C/C++

Experience with managing security incidents and threat response

Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit https://amazon.jobs/content/en/how-we-hire/accommodations for more information. If the country/region you’re applying in isn’t listed, please contact your Recruiting Partner.

Company - Amazon Development Center (Tel Aviv)

Job ID: A2868931