Key skills
JavaScriptPythonJavaC++CGoRubySwift.NETIdentity ManagementPenetration TestingNetwork SecurityCloud Security
About this role
Amazon is a leading technology company that pushes the boundaries of innovation across various sectors. As an AppSec engineer, you will collaborate with software development teams to ensure security while developing new services and tools.
Responsibilities:
- Creating, updating, and maintaining threat models for a wide variety of software projects
- Manual and Automated Secure Code Review, primarily in Java, Python and Javascript
- Development of security automation tools
- Adversarial security analysis using modern tools to augment manual effort
- Security training and outreach for internal development teams
- Security architecture and design guidance
- Independently solve security problems that require novel methods or approaches
- Influence your team’s and partners’ process, priorities, and choices to improve outcomes
Requirements:
- Experience with any combination of the following: threat modeling, secure coding, identity management and authentication, software development, cryptography, system administration and network security
- Knowledge of system security vulnerabilities and remediation techniques, including penetration testing and the development of exploits or equivalent
- Experience programming in Python, Ruby, Go, Swift, Java, .Net, C++ or similar object oriented language
- Bachelor's degree in computer science, computer engineering, or related field, or 3+ years of technical work experience
- Experience applying threat modeling or other risk identification techniques or equivalent
- CCSP (Certified Cloud Security Professional) or CEH (Certified Ethical Hacker) or CFR (CyberSec First Responder) or Cloud+ or CySA+ (CompTIA Cybersecurity Analyst) or GCED (GIAC Certified Enterprise Defender) or GICSP (Global Industrial Cyber Security Professional) or PenTest+