Security Engineer, Secure Third Party Tools

Security Engineer, Secure Third Party Tools

Job :  |  Services LLC

Secure Third Party Tools (S3T) is looking for a Security Engineer to help identify, measure, and remediate security risks associated with third‑party tools and their products that access Amazon’s data. S3T conducts assessments to ensure third‑party usage meets Amazon’s security bar, and defines the security controls needed to remediate any gaps. The role focuses on reducing risk by identifying required controls, proposing compensating measures, and guiding teams to secure integration of third‑party products.

• Solving evolving security problems that require novel methods or approaches
• Leading security projects (including security reviews, tool development, and creation of new security practices) with end-to-end ownership
• Creating, updating, and maintaining threat models for a wide variety of use cases
• Acting as a technical security specialist on risk‑based security reviews and assessments
• Collecting and reviewing data from multiple sources to conduct a security review

• 3+ years of programming in Python, Ruby, Go, Swift, Java, .Net, C++ or similar object‑oriented language experience
• 2+ years of scripting, programming, and security code review in a common programming language (non‑internship)
• 2+ years of troubleshooting system issues, analyzing logs, or automating basic tasks using command line tools (non‑internship)
• Bachelor’s degree in computer science or equivalent
• Bachelor’s degree in a STEM field (Science, Technology, Engineering, Mathematics) or experience in IT Security
• Knowledge of networking protocols such as HTTP, DNS, and TCP/IP
• Knowledge of industry‑based security vulnerabilities and remediation techniques
• Experience in scripting, programming, and security code reviewing in a common programming language (non‑internship)
• Experience in troubleshooting systems issues, analyzing logs, or automating basic tasks using command line tools (non‑internship)

• 2+ years of any combination of threat modeling, secure coding, identity management and authentication, software development, cryptography, system administration, and network security experience
• 2+ years of scripting, programming, or security code review in a common language such as Python, Java, or C++
• Knowledge of command line tools to troubleshoot protocols, analyze log outputs, or automate basic tasks
• Knowledge of networking protocols such as HTTP(S), DNS, and TCP/IP
• Experience with AWS products and services
• Experience with programming languages such as Python, Java, C++
• Experience in scripting, programming, or security code reviewing in a common language such as Python, Java, or C++
• Experience performing security activities across one or more phases of the software development lifecycle (SDLC), such as security design review, threat modeling, secure code review, and security testing

Your Amazon package will include sign‑on payments and restricted stock units (RSUs). Final compensation will be determined based on factors including experience, qualifications, and location. Amazon also offers comprehensive benefits including health insurance, 401(k) matching, paid time off, and parental leave.

Location:

USA, WA, Seattle – Salary range: $ – $ USD annually.

Amazon is an equal‑opportunity employer and does not discriminate on the basis of protected veteran status, disability, or other legally protected status.