Security Engineer, Vulnerability Management and Remediation Operations
Job ID: 2828334 | Amazon Data Services UK Limited
Embark on a Mission to Fortify Amazon's Defenses as a Security Engineer with the Vulnerability Management & Remediation Operations team!
Amazon Security is seeking a Security Engineer to join our Vulnerability Management and Remediation Operations (VMRO) team in London, UK. The VMRO team is responsible for discovering, assessing, triaging, detecting, and driving the remediation of vulnerabilities across the Amazon ecosystem.
Key job responsibilities
1. Analyse public and private vulnerability disclosures and exploit code.
2. Deeply understand and assess the technical details and potential impact of vulnerabilities across Amazon's infrastructure, services, and applications.
3. Investigate and triage vulnerabilities, identifying severity and the scope of potential impact to Amazon.
4. Support response and remediation efforts, assisting builder teams to fix their security issues in a timely manner.
5. Engineer high quality, scalable, and accurate vulnerability detection mechanisms.
6. Design and implement automation, tools and workflows to enhance our operations capabilities.
7. Be part of a global team and participate in periodic on-call responsibilities to ensure the continuous monitoring and remediation of vulnerabilities.
If you're excited about the opportunity to make a significant impact on the security of one of the world's largest and most complex technology ecosystems from our London office, we'd love to hear from you!
About the team
Diverse Experiences
Amazon Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.
Why Amazon Security
At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon’s products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.
Work/Life Balance
We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why flexible work hours and arrangements are part of our culture.
Inclusive Team Culture
In Amazon Security, it’s in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.
Mentorship and Career growth
We’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.
BASIC QUALIFICATIONS
- BS degree in Computer Science, Computer Engineering, Software Engineering, Cybersecurity or related technical degree; or 4+ years equivalent technology experience.
- 2 years engineering experience in system, network, and/or application security or the development of security products.
- 2 years experience improving accuracy of vulnerability detection mechanisms across a diverse technical ecosystem.
- 2 years experience and deep knowledge of vulnerabilities, exploits and vulnerability management systems.
- 2 years experience developing vulnerability assessment tests, tools and exploits in Python, Java, etc.
- 2 years experience building applications or systems on cloud-based services.
PREFERRED QUALIFICATIONS
- Understanding of networking and operating system internals.
- Experience across the vulnerability management and remediation lifecycle from assessment through remediation.
- Experience with developing exploits, host-based and container-based detections.
- Experience with AWS services.
Posted: November 20, 2024 (Updated about 4 hours ago)
#J-18808-Ljbffr