Security Engineer, S3 Security Experience

Job summaryManaging trillions of objects in storage, retrieving them in sub-x ms, building software that deploys to tens of thousands of hosts, achieving 99.999999999% (you didn’t read that wrong, that’s 11 nines!) durability. These are just a few of the numbers that give you a sense of the scale of the exciting problems you will find every day working in Simple Storage Service (S3). Amazon S3 powers businesses across the globe that make the lives of consumers better daily. Whether its electronic content delivered to your home, technology that betters your remote working experience, allows you to plan travel to exotic places or simply get stuff delivered to your home. As a Security Engineer in S3, you get to deliver these capabilities and delight our customers through teams of talented engineers and leaders.You are passionate about keeping Amazon customers safe and you are driven by opportunities to mitigate vulnerabilities and risks, providing actionable guidance and information to engineering teams to drive long-term security improvements aiming at simplifying the customers experience, hardening our resilience, while still fulfilling the S3 promise of unparalleled durability and security.*Work/Life Balance*Our team puts a high value on work-live balance. It is not about how many hours you spend at home or at work; it’s about the flow you establish that brings energy to both parts of your life. We believe striking the right balance between your personal and professional life is critical to life-long happiness and fulfillment. We offer flexibility in working hours and encourage you to find your own balance between your work and personal lives.*Mentorship & Career Growth*Our team is dedicated to supporting new members. We have a broad mix of experience levels and tenures, and we’re building an environment that celebrates knowledge sharing and mentorship. Our senior members enjoy one-on-one mentoring and thorough, but kind, code reviews. We care about your career growth and strive to assign projects based on what will help each team member develop into a better-rounded engineer and enable them to take on more complex tasks in the future.Key job responsibilitiesAn S3 Security Engineer performs security assessments and partners with engineers to build automation mechanisms to detect, resolve, and prevent risks for S3 customers. They work with customers to identify ways to simplify security controls and meet operations, governance and compliance requirements. A security engineer is capable of understanding common attack frameworks, perform threat models, and understand IAM access controls with a high level of detail. Successful engineers in this role regularly demonstrate strong Deliver Results, Earns Trust, Bias for Action, Ownership and Learn and Be Curious.About the teamThe S3 Security Experience Observability team are passionate Amazonians who provide capabilities and services to prevent security events in S3 environments. If there is a security breach, we provide automated mechanisms to quickly mitigate issues, understand and minimize impact to S3 customers. We protect customer data from unauthorized access or criminal use to ensure confidentiality, integrity, and availability. Our goal is to protect AWS S3 customers by enabling them with processes and technologies needed to make secure decisions and safely operate sustainable services.

Basic Qualifications

* 2+ year’s of non-internship, full-time experience in cybsersecurity* Proficiency in at least one security related field: vulnerability management, penetration testing, red teaming, threat hunting, application security, network security, etc.* 2+ years of experience contributing to the secure architecture and/or design (secure design, threat modeling, vulnerability assessments w/ mitigations, etc.) of new and/or current systems.* Experience with Agile development and Continuous Deployment * Ability to effectively communicate technical challenges and solutions

Preferred Qualifications

* 5+ year’s of non-internship, full-time experience in cybsersecurity* Proficiency in two or more security related fields: vulnerability management, penetration testing, red teaming, threat hunting, application security, network security, etc.* 5+ years of experience contributing to the secure architecture and/or design (secure design, threat modeling, vulnerability assessments w/ mitigations, etc.) of new and/or current systems.* Familiarity with AWS services, specifically S3, IAM, and/or Crypto* Familiarity with object oriented analysis and design patterns (OOA/OOD) * Experience in big data solutions (Kafka, Hadoop, Spark, etc.)* Experience with at least one linux based operating system (RedHat Linux, CoreOS, Amazon Linux etc.) * Hands-on experience building APIs on a modern cloud (Google Cloud, Amazon AWS, Azure) * You are passionate about efficiency, availability, quality and scalability.Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit https://www.amazon.jobs/en/disability/us.