Sr. Software Dev. Engineer, Vulnerability Detection & Pentesting for Devices and Services

DESCRIPTION

Job summary
Amazon Lab126 is an inventive research and development company that designs and engineers high-profile consumer electronics. Lab126 began in 2004 as a subsidiary of Amazon.com (http://amazon.com/), Inc., originally creating the best-selling Kindle family of products. Since then, we have produced groundbreaking devices like Fire tablets, Fire TV, and Amazon Echo. What will you help us create?

The Role:
Are you interested in being part of a top-notch security team covering all Amazon consumer devices (including hardware and low-level functionality) as well as key Amazon services supporting our consumer devices (such as Computer Vision, AppStore, Device Registration, Kindle, etc.)? Do you want to be part of a vulnerability research team dedicated to detection and mitigation of vulnerabilities prior to launch in order to keep Amazon consumer devices and services safe? Your work directly impacts the way our customers, teams, and business across the globe get things done. If you want to keep customers safe, then we have a job for you! You can learn more about security at Lab 126 here: https://www.youtube.com/watch?v=k0UTTxzeGog.

The Vulnerability Detection and Penetration Testing team is looking for a Senior Software Development Engineer who has a strong passion for security-at-scale. You will work on a small team dedicated to building new tooling to improve Amazon devices and services security capabilities. You will build systems that scans our massive environment of devices, web services and infrastructure for security concerns and engages the right team to fix them. As a member of a small team, you can create the culture you want to work in. You will have a voice in shaping the future direction of automatic security tools in Amazon Digital. You will collaborate with security experts to ensure your system helps Amazon maintain the security that our customers depend on.

While you may not be a security expert just yet, in this role you will develop a broad and deep understanding of application and device security and how Amazon keeps its customer secure.

Notes:
While the majority of our Security/Privacy roles are based in the Bay Area, CA and Seattle, WA areas, by applying to this position your application will be considered for all locations we hire for in the United States, including but not limited to: Seattle, WA; Bellevue, WA; Sunnyvale, CA, Austin TX.

Our team also puts a high value on work-life balance. Striking a healthy balance between your personal and professional life is crucial to your happiness and success here, which is why we aren’t focused on how many hours you spend at work or online. Instead, we’re happy to offer a flexible schedule so you can have a more productive and well-balanced lifeboth in and outside of work.

Our team is dedicated to supporting new members. We have a broad mix of experience levels and tenures, and we’re building an environment that celebrates knowledge sharing and mentorship. We care about your career growth and strive to assign projects based on what will help each team member develop into a better-rounded engineer and enable them to take on more complex tasks in the future.

Key job responsibilities
Rapidly prototype and incubate new security features and solutions. Deliver high quality solutions in a hyper-growth environment where priorities shift.
Perform vulnerability detection using variety of automated static, dynamic analysis as well as custom tooling (e.g. static analyzers, fuzzers, scanners, analyzers, etc.) to scale vulnerability detection on devices and associated services and enable easier analysis of externally reported issues.
Architect, design and develop systems for presenting security problems to engineers so they can be fixed.
Architect, design and develop solutions and systems for detecting security issues in software.
Work closely with other internal development teams across Amazon to coordinate security improvements.
Directly represent the team to business leaders.

About the team
Our team also puts a high value on work-life balance. Striking a healthy balance between your personal and professional life is crucial to your happiness and success here, which is why we aren’t focused on how many hours you spend at work or online. Instead, we’re happy to offer a flexible schedule so you can have a more productive and well-balanced lifeboth in and outside of work.

Our team is dedicated to supporting new members. We have a broad mix of experience levels and tenures, and we’re building an environment that celebrates knowledge sharing and mentorship. We care about your career growth and strive to assign projects based on what will help each team member develop into a better-rounded engineer and enable them to take on more complex tasks in the future.

BASIC QUALIFICATIONS

• 4+ years of professional software development experience
• 3+ years of programming experience with at least one software programming language
• 2+ years of experience contributing to the system design or architecture (architecture, design patterns, reliability and scaling) of new and current systems
• Experience as a mentor, tech lead OR leading an engineering team

BS degree in Computer Science or related field

* Programming experience with at least one modern language such as C++, C#, Java, Python, Golang, PowerShell, Ruby.
Understanding of web application security issues like XSS, CSRF, and SSRF
Systems Engineering/SRE experience in a large, distributed environment focusing on automation
Experience using AWS services
Effective and tactful communication skills: you will be working with other teams to improve their security
Master’s degree in Computer Science or equivalent experience.
Excellent leadership skills and teamwork skills
Results oriented, high energy, self-motivated

Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit https://www.amazon.jobs/en/disability/us.