Security Engineer, AWS Security
Amazon Web Services (AWS) Security is looking for a passionate and innovative Security Analyst for the AWS Vulnerability Management team. At AWS, security is job zero. The AWS Vulnerability Management team continuously raises the bar for security at AWS. We combine intelligence, cybersecurity skills, risk management techniques, and technical expertise to keep our customers and the cloud secure. Our team offers the unique opportunity to work with leading industry security experts and engage across AWS service teams and leadership. We are data-driven, set big goals, and are always challenging ourselves and each other to identify better solutions and take on new challenges.
As a Security Analyst in AWS Vulnerability Management, you will work on a team of security analysts, security engineers, software developers, and technical program managers. You will interpret and triage vulnerability disclosures, collaborate with subject matter experts across AWS on technical solutions, and drive remediation activities across AWS’s unprecedented scale.
Key responsibilities include:
- Research and interpret vulnerability disclosures and intelligence
- Own and coordinate vulnerability assessment and triage activities with subject matter experts across AWS
- Own workstreams during large-scale remediation or triage campaigns.
- Author risk assessment statements, remediation guidance, and status reports
- Partner with product teams across Amazon to develop scalable solutions to security vulnerabilities
- Develop tooling to automate and refine vulnerability management processes
- Periodic on-call responsibilities.
**This role is open to alternate location in Austin, TX**
Inclusive Team Culture
Here at AWS, we embrace our differences. We are committed to furthering our culture of inclusion. We have ten employee-led affinity groups, reaching 40,000 employees in over 190 chapters globally. We have innovative benefit offerings, and we host annual and ongoing learning experiences, including our Conversations on Race and Ethnicity (CORE) and AmazeCon (gender diversity) conferences. Amazon’s culture of inclusion is reinforced within our 14 Leadership Principles, which remind team members to seek diverse perspectives, learn and be curious, and earn trust.
Mentorship & Career Growth
Our team is dedicated to supporting new members. We have a broad mix of experience levels and tenures, and we’re building an environment that celebrates knowledge sharing and mentorship. Our senior members enjoy one-on-one mentoring. We care about your career growth as a passionate learner that is motivated to take on challenges.
Our team also puts a high value on work-life balance. Striking a healthy balance between your personal and professional life is crucial to your happiness and success here, which is why we aren’t focused on how many hours you spend at work or online. Instead, we’re happy to offer a flexible schedule so you can have a more productive and well balanced life—both in and outside of work.
- BS degree in Computer Science, Computer Engineering, Information Systems or related degree; or 4+ years equivalent technology experience
- 3 years experience in system, network, and/or application security
- 3 years experience in threat modeling and interpreting vulnerability disclosures
- 2 years experience building automated tools in C, C++, Java, Python, Perl, PowerShell, or Ruby
- Experience in vulnerability management or security operations.
- Experience affecting change across complex environments.
- Strong understanding of Windows and Linux internals and system design.
- Experience with AWS services.
Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit https://www.amazon.jobs/en/disability/us.