Amazon’s Offensive Security Team is looking to for a passionate Security Engineer to help secure Amazon products and services by partnering with the external security research community and white-hat hackers. This role is responsible for the engagement and operation of Amazon’s newly established bug bounty program – Amazon VRP (Vulnerability Reporting Program), including validation of findings, interfacing directly with security researchers outside of Amazon, supporting internal service owners with end-to-end remediation efforts, and influencing the internal technology ecosystem to pursue best security practices. A Security Engineer at Amazon is expected to be strong in multiple domains. Engineers in this role work closely with teams throughout Information Security, such as the Incident Response and Application Security teams as issues are discovered, as well as provide technical leadership and advice to teams throughout Amazon. Engineers in this role must show exemplary judgment in making
- BS in Computer Science or related field, or equivalent work experience. - 3 years in an Information Security role, preferably in application security, penetration testing, red teaming, incident response or a technical engineering role. - Advanced knowledge and understanding of security engineering, application security in web, mobile, IoT and cloud, system and network security, cryptography, authentication and security protocols. - Programming experience in several of interpreted, compiled or web languages: Python, Perl, JavaScript, Go, Ruby, C/C++, Java or C#. - Solid knowledge of vulnerability