Amazon.com is looking for a Security Engineer focused on developing elegant solutions to complex business problems centered around vulnerability management. This includes architecture and design, tooling development and assessment, training and outreach as well as documentation and process automation. You will also work directly with our Vulnerability/Exploit Analysts and Vulnerability Operation Analysts to drive remediation efforts. Responsibilities: · Develop procedures related to the review of vulnerabilities. · Provide technical support for the resolution of vulnerabilities reported by our automated systems. · Provide tier 3 security operations support. · Develop security policies, standards, procedures and guidelines. · Participate in security compliance efforts (e.g. PCI, SOX). · Implement and support security-focused tools and services. · Earn trust and maintain strong working relationships with teams responsible for patching. · Build information security as a core competency throughout
· BA/BS in an engineering or technical leadership discipline, or equivelant experience · Experience with vulnerability management solutions, vulnerability analysis, and risk analysis. · At least 3 years of system, network and/or application security experience. · At least 2 years of development experience in C, C++ and/or Java. · At least 1 year of mobile device security experience. · Knowledge of network and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols). · Scripting skills (e.g. Perl, Ruby, Python, Shell scripting). · Ability to write advanced SQL queries against