Amazon

Returning Candidate?

Amazon Global Payments, Payments Application Engineer (Security and Risk)

Amazon Global Payments, Payments Application Engineer (Security and Risk)

Job ID 
169820
Location 
IN-KA-Bangalore
Posted Date 
02-06-2014
Company 
AMZN CAN Fulfillment Svcs, Inc
Recruiting Team 
..

Job Description

Are you interested in being part of a fast paced technology company offering the next generation of online payment systems and services? Amazon.com, a Fortune 500 company based in Seattle, Washington, is the global leader in e-commerce.

Our Global Payment Services (GPS) Division is looking for a motivated individual to join our Payments Security and Compliance Team. The selected candidate will act as a Payments Application Security Engineer with an emphasis on application architecture, security and quality reviews. In this role the selected candidate will be asked to assess and mature existing designs, architectures, and processes and partner with internal and external teams with the aim of improving overall security of our applications.

The GPS Security and Compliance team is responsible for the security and availability of all of the services offered by GPS. Our team works with internal and external service teams to solve security challenges, and builds tools to automate the auditing and operation of the GPS infrastructure. We are looking for super-smart software and systems professionals to join us and help us continue to raise the security bar for Payments.

The ideal candidate is clearly passionate about solving security problems in innovative ways. This person thrives and succeeds in delivering high quality technology products/services in a hyper-growth environment where priorities shift fast. The ideal candidate has broad and deep technical knowledge, typically ranging from front-end UIs through to back-end systems and all points in between. He or she has strong OO design and implementation experience, strong knowledge of web protocols, and an in-depth knowledge of Linux/Unix tools and architecture. Experience with financial or payments based applications and/or web services-based applications, especially at massive scale, are very applicable and helpful.

You have industry-leading technical abilities. A Security Engineer at Amazon is expected to be strong in multiple domains – it is necessary to be successful in the position. You work with groups throughout Amazon to help them integrate security into their projects. The solutions you develop will regularly require input and guidance from team members and will be based on security engineering best practices. You proactively and continually improve your level of knowledge about Amazon’s business, information security, the threat landscape and relevant technologies. You communicate professionally with your team and the teams you support, knowing when to contribute and when to listen. Your work is accurate and thorough and you strive towards excellence.

You demonstrate a breadth and depth of knowledge in the following disciplines:
  • You recognize, adopt, utilize and teach best practices in security engineering: secure development, cryptography, network security, security operations, systems security, policy, and incident response.
  • You have appropriate technical skills required by your role and area of specialty: software development, network engineering, systems engineering, cryptography or a combination of all.
  • You have a capacity and tolerance for extreme context switching and interruptions while remaining productive and able to provide effective, safe guidance.
  • You participate in efforts to promote security throughout the Company.
  • You help teams throughout the Company develop pragmatic solutions that achieve business requirements while maintaining an acceptable level of risk.
  • You solve problems at their root, stepping back to understand the broader context.
  • You maintain an understanding of the Internet threat environment and how it affects the company.
  • You work to find and fix flaws in existing company systems and sites.
  • You understand the current state of network and application security tools and how they can benefit the company.
  • You keep your knowledge and skills current to keep up with the rapidly changing threat landscape.
  • You participate in efforts that create and improve the company’s security policies.
You work in a team, driving things forward and exhibiting the following characteristics:
  • You collaborate to ensure that decisions are based on the merit of the proposal, not the proposer. When none of the proposals is the obvious winner, you are still decisive, able to disagree and commit to the team’s decision.
  • You can work under extended, extreme pressure, handle situations calmly and lead incident response teams effectively.
  • You continue to move forward in the face of ambiguity and imperfect knowledge. You do not suffer from “analysis paralysis”.
  • You build good working relationships within the team and with others across Amazon by developing and earning the trust of others.
  • You proactively support knowledge sharing within the team and across the company.
  • You communicate clearly both verbally and in writing with your team and with other groups. You listen effectively.

Basic Qualifications

  • Bachelor's Degree in Computer Science or similar field
  • Minimum 5 years in Application Security analysis, assessments, and remediation

Preferred Qualifications

  • 4+ years of application security experience
  • Linux operating system development
  • Experience with hardware virtualization technologies
  • Solid knowledge of data structures, algorithms, and designing for performance, scalability, and availability
  • Programming in C, C++, Java, Python, Perl, and/or Ruby
  • Internet and operating system security fundamentals
  • Sharp analytical abilities and proven design skills
  • Strong sense of ownership, urgency, and drive
  • Demonstrated ability to achieve stretch goals in a highly innovative and fast paced environment
  • Experience with network protocols a plus Participate in product and technology initiatives and recommend improvements
  • Contribute to the risk identifiction and make recommendations to reduce those risks