Logo
Amazon

Sr Security Engineer, Ads Security

Amazon, Bellevue, Washington, us, 98009


Description

The Ads Security organization at Amazon is dedicated to creating innovative technical solutions that detect, assess, and mitigate security risks within Amazon’s Advertising businesses. Our vision is to accelerate the development velocity of the Advertising business by ensuring that our products are inherently secure. We are seeking a talented engineer to join our team, where you will have the opportunity to contribute to securing web applications and services critical to delivering exceptional customer and partner experiences at scale in Amazon Ads. The ideal candidate will have a robust background in security program management, experience in establishing security standards for cross-cloud deployments, and a deep understanding of cloud security, particularly within AWS platforms. You will conduct independent security reviews, oversee penetration tests as necessary, and provide guidance to stakeholders on remediation strategies and best practices for integrating security into their application platforms. Your role will be pivotal in ensuring the protection of customer data and critical infrastructure within the Ads organization.

Key job responsibilities

As a Senior Security Engineer within Amazon’s Ads Security team, you will play a crucial role in ensuring that applications across numerous Ads platforms are designed and executed with the highest security standards to maintain customer trust. You will tackle a diverse array of security challenges, ranging from novel threats in Ads services to selecting and implementing scalable and secure features such as key management solutions and encrypted storage. Additionally, you will serve as a subject matter expert, providing guidance to developers on building secure products and fostering a security-conscious culture within the organization.

Collaborate directly with service and platform owners to advise on security best practices and tool implementation.

Perform comprehensive security assessments on SaaS implementations, data management systems, and reporting frameworks being used internally by Amazon Ads teams or externally by Amazon Ads customers.

Coordinate and oversee penetration testing activities for platforms and tools.

Identify security risks, report findings, and recommend solutions for complex security issues by leveraging existing set of detections and/or design new detections within Amazon’s various security detection frameworks.

Contribute to fostering a strong security culture at Amazon through knowledge sharing and collaboration.

Engage in cross-team projects aimed at enhancing the security posture of Amazon and customer data throughout its lifecycle.

A day in the life

Activities in this role include:

Identifying security issues and risks, review & approve mitigation plans for Ads products.

Evaluating and recommending new and emerging security products and technologies.

Influencing product teams and senior leadership to implement practices that maintain a high security bar.

Participate in the design discussions and development of user stories for security automation

Advising teams developing products on the correct components that deliver security features like key management, authentication, encryption, etc.

Proposing, collaborating & obtaining buy-in on strategic security initiatives.

Recommending and developing security-focused tools that help product teams prevent security misconfigurations & vulnerabilities in the design & implementation of features. Look for opportunities to automate, detect and move security to left in SDLC process.

Developing and interpreting security policies and procedures to form security requirements.

Developing training that promotes general security awareness and informs developers on how to discover & mitigate security vulnerabilities in their products.

Deciding which new security tooling and strategies should be pursued for scalable security in service development.

Supporting incident response activities as a security subject matter expert.

About the team

Diverse Experiences

Amazon Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.

Why Amazon Security?

At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon’s products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.

Inclusive Team Culture

In Amazon Security, it’s in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.

Training & Career Growth

We’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.

Work/Life Balance

We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why we strive for flexibility as part of our working culture. When we feel supported in the workplace and at home, there’s nothing we can’t achieve.

We are open to hiring candidates to work out of one of the following locations:

Bellevue, WA, USA | New York, NY, USA

Basic Qualifications

BS in Computer Science or related field, or equivalent work experience

At least 5 years of experience in application security, threat modeling, secure coding, software development, secure software or system design

At least 3 years of experience in a development or security role working with development team(s) that delivered commercial software or software-based services

Advanced knowledge and understanding of any combination of the following: security engineering, system and network security, authentication and security protocols, cryptography, or application security

An understanding of network and web related protocols (such as, TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols)

Experience with multiple programming languages (such as, Java, C++, Ruby, Python, Perl, etc.)

Preferred Qualifications

Experience managing and delivering security solutions at scale.

Experience with DevOps, Software Build and Deployment systems

Knowledge of Advertisement domain

Experience with service-oriented architecture and web services security

Experience with AWS or similar enterprise cloud computing platforms

Experience with the application of threat modeling or other risk identification techniques

Demonstrated experience collaborating with other security engineers and developers to deliver complex projects

Excellent written and verbal communication skills with the ability to convey technical information to a wide variety of audiences

Strong and creative problem-solving abilities

Meets/exceeds Amazon’s leadership principles requirements for this role

Meets/exceeds Amazon’s functional/technical depth and complexity for this role

Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit https://www.amazon.jobs/en/disability/us.

Our compensation reflects the cost of labor across several US geographic markets. The base pay for this position ranges from $136,000/year in our lowest geographic market up to $247,600/year in our highest geographic market. Pay is based on a number of factors including market location and may vary depending on job-related knowledge, skills, and experience. Amazon is a total compensation company. Dependent on the position offered, equity, sign-on payments, and other forms of compensation may be provided as part of a total compensation package, in addition to a full range of medical, financial, and/or other benefits. For more information, please visit https://www.aboutamazon.com/workplace/employee-benefits. This position will remain posted until filled. Applicants should apply via our internal or external career site.