Description de l'offre
Amazon Lab126 is an inventive research and development company that designs and engineers high-profile, portable, hand-held consumer electronic products like the Kindle. The products we design and engineer are easy-to-use and offer user benefits that are only made possible through tightly integrated digital technologies and wireless connectivity. Lab126 began in 2004 as a subsidiary of Amazon.com, Inc., originally creating the best-selling Kindle family of products. Since then, we have produced groundbreaking devices like Fire tablets, Fire TV and Amazon Echo.
Lab 126 is looking for expert Security Engineers to ensure that our applications are designed and implemented to the highest standards thus maintaining and enhancing customer trust. If you enjoy analyzing system services, operating systems, networks and applications from a security perspective, and you are skilled at discovering security issues that appear under new threat scenarios, this position will provide you with a challenging opportunity. You will participate in security audits, risk analysis, vulnerability testing and security reviews.
· Identify security issues and risks, and develop mitigation plans.
· Architect, design, implement, support, and evaluate security-focused tools and services including project leadership roles.
· Develop and interpret security policies and procedures.
· Develop and deliver training materials and perform general security awareness and specific security technology training.
· Evaluate and recommend new and emerging security products and technologies.
· Participate in tier 2 and tier 3 security operations support.
· Participate in incident handling.
· Participate in projects that develop new intellectual property.
· Bachelor's Degree in Computer Science, Computer Engineering or related field
· 4+ years of professional experience in software development building/supporting production systems
· 2+ years of experience in application-level vulnerability testing and auditing
· Knowledge or experience in application-level vulnerability testing and auditing.
· Knowledge or experience in application security experience.
· Strong experience and detailed technical knowledge in security engineering, system and network security, authentication and security protocols, cryptography, and application security.
· Experience with the application of threat modeling or other risk identification techniques.
· Development experience in C, C++ and/or Java.
· Scripting skills (e.g., PERL, shell scripting).