Security Engineer, Devices and Services Security

Security Engineer, Devices and Services Security at Amazon

Come join the Amazon Devices & Services Security team dedicated to the protection and security of Amazon consumer devices. Our team performs low-level review of OS components and device services, performing design and code reviews, implementing mitigations and designing and creating tools to instrument, analyze and present insights in areas of potential security exposure.

As a Security Engineer, Devices and Services Security, you will:

• Identify security flaws in various shared services running on Amazon devices.
• Guide Amazon businesses toward secure development of devices and services. This will range from design and code review, threat modeling to security testing.
• Propose, research and develop tools and techniques to improve the security posture of devices and services at scale.
• Provide technical security expertise and consultation to product teams.
• Identify security risks and work with product engineers to create mitigations.

About The Team

Amazon Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.

Why Amazon Security?

At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon’s products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.

Inclusive Team Culture

In Amazon Security, it’s in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.

Training & Career Growth

We’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.

Work/Life Balance

We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why flexible work hours and arrangements are part of our culture. When we feel supported in the workplace and at home, there’s nothing we can’t achieve.

Basic Qualifications

• 2+ years of web protocols, common security attacks, and remediation (non-internship) experience.
• Bachelor's degree in Engineering, Computer Science, or a related field.
• Knowledge of system security vulnerabilities and remediation techniques, including penetration testing and the development of exploits or equivalent.
• Experience with web protocols, common security attacks, and remediation (non-internship).
• Experience solving basic problems by writing code or scripts with some assistance.

Preferred Qualifications

• Experience with AWS services or other cloud offerings.

Key skills/competency

• Device Security
• OS Components
• Design Review
• Code Review
• Threat Modeling
• Security Testing
• Vulnerability Assessment
• Web Protocols
• Cloud Security
• Scripting