Amazon Lab126 is an inventive research and development company that designs and engineers high-profile, portable, hand-held consumer electronic products like the Kindle. The products we design and engineer are easy-to-use and offer user benefits that are only made possible through tightly integrated digital technologies and wireless connectivity. Lab126 began in 2004 as a subsidiary of Amazon.com, Inc., originally creating the best-selling Kindle family of products. Since then, we have produced groundbreaking devices like Fire tablets, Fire TV and Amazon Echo.
Lab 126 is looking for expert Security Sys Dev Engineers to ensure that our applications are designed, implemented and supported to the highest standards thus maintaining and enhancing customer trust. If you enjoy analyzing system services, operating systems, networks and applications from a security perspective, and you are skilled at discovering security issues that appear under new threat scenarios, this position will provide you with a challenging opportunity. You will participate in security audits, risk analysis, vulnerability testing and security reviews.
The Role: · Identify security issues and risks in existing systems, and develop mitigation plans. · Support, and evaluate security-focused tools and services including project leadership roles. · Develop and interpret security policies and procedures. · Evaluate and recommend new and emerging security products and technologies. · Participate and own tier 2 and tier 3 security operations support. · Own incident handling.
· Bachelor’s Degree in Computer Science, Computer Engineering or related field · 4+ years of experience in application-level vulnerability testing and auditing · Experience in application-level vulnerability testing and auditing. · Experience in application security experience. · Strong experience and detailed technical knowledge in security engineering, system and network security, authentication and security protocols, cryptography, and application security. · Experience with the application of threat modeling or other risk identification techniques. · Scripting skills (e.g., PERL, shell scripting).
· MS in Computer Science or equivalent desired. · Detailed knowledge of system security vulnerabilities and remediation techniques, including penetration testing and the development of exploits. · Knowledge of network and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols). · Excellent written and verbal communication skills. · Excellent leadership skills and teamwork skills. · Results oriented, high energy, self-motivated. · Experience in a 24/7 production environment is a plus.