Security Engineer
Dublin (Dublin City) Design / Civil engineering / Industrial engineering
Job description
DESCRIPTION
Amazon Payments is building a security engineering team to create and maintain a secure AWS based service to handle payments for Amazon Retail globally. Security Engineers will take part in all parts of the re-design for how Amazon processes payments right up to implementation and ongoing feature creation for the service.
Strong coding experience is required in order to identify risks in configuration/application code, provide proof of concept for vulnerabilities and introduce or improve automation for security reviews/scans/risk assessment so that it can be included as early as possible in a continuous deployment pipeline.
You will be responsible for protecting Amazon customer data and the several hundred billion dollars that will flow through your service annually.
Note: A strong candidate doesn't have to be an expert in all of these areas but must have an excellent grasp of 2-3 key areas and foundation and interest in others.
· Bachelor's Degree in Information Security/Computer Science related course or 3+ years relevant experience
· More than two years of security engineer experience in a mixed environment of system, network and/or application/OS
· Consistent track record implementing security risk and remediation programs
· Focus on automating the reporting and tracking of vulnerabilities
· Ability to guide and consult multiple developer teams to deliver secure alternatives to current designs
· Coding level to allow for both proof of concept and deep dive code review at an early design and pre-release stage
· Excellent knowledge of Linux OS hardening
· Knowledge of Internet and Network routing protocols
· Experience in deploying and supporting web and/or payment applications in a 24x7 production environment
· Excellent communication, documentation, work prioritization and analytical skills.
· Proven design skills
Desired profile
BASIC QUALIFICATIONS
· Previous experience building PCI compliant systems e.g. payment gateways, processors, card issuers, banks, etc.
· Professional experience and detailed technical knowledge in multiple areas of: security engineering, system and network security, authentication and security protocols, cryptography, and application security
· Experience with service-oriented architecture and web services security
· Experience with the application of threat modelling or other risk identification, prioritization and mitigation techniques
· Intermediate to advanced coding skills. Preferred languages are Python/Ruby/Java.