Amazon Information Security is seeking a Security Engineer to drive architectural reviews, threat models and develop requirements for corporate IAM adoption efforts, and support of Amazon’s Corporate Identity and Access Management program. You will leverage your strong teamwork skills as you and your teammates engage with other engineering and operations teams across Amazon to implement a corporate IAM program to manage human identity (e.g. employees, contractors, vendors) and authentication initiatives across Amazon’s global enterprise. The successful candidate will lead the development of policies and procedures for the identity lifecycle, drive programs that improve authentication infrastructure across a complex global corporate environment and lead a single-threaded team of IAM SMEs providing identity consulting services across the enterprise. Data-driven decisions are important to Amazon. You will draw heavily on your experience collecting, analyzing, and summarizing data to create
· Minimum 2 years of experience in identity and access management (IAM) programs · Demonstrable knowledge of current technologies in authentication, federation, and identity management space, such as OAuth 2.0, OpenID Connect, SAML, SCIM, U2F/UAF/FIDO2, HOTP · Familiarity with using biometrics for authentication and managing related privacy considerations · Familiarity with relevant identity-oriented standards, such as NIST800-63 and GDPR · At least 6 years of security experience with one or more domains in the common body of knowledge (CBK) · Technical knowledge in security engineering, authentication