web analytics

Sr. Security Engineer, OpenSearch Security

Amazon

Our mission: To be Earth's most customer-centric company.

DESCRIPTION

Job summary
At AWS we are all owners of security. Amazon OpenSearch (AOS) is building a team of security engineers who are excited to handle unique challenges of owning security for a managed service. AOS customers are able to create fully managed instances of OpenSearch (and instances of ALv2 Elasticsearch versions 1.5 to 7.10.) Customers expect that any AWS service will be secure, reliable and available and AOS is no exception. This role has full scope for all aspects of how AOS operates and will work closely with the AWS Pentest and Red Team.

Security engineers seek to become the authoritative source for truth on how a service functions and how vulnerabilities or new features may affect the service or one of its components. Being the authoritative source of truth carries with it the obligation to report that truth upwards, security engineers must develop a high level of trust with leadership such that when decisive action must be taken they can provide trusted advice.

Key job responsibilities

  • Provide targeted advice to the AOS development teams as new features are being developed and deployed
  • Monitor changes and security releases in relevant open source projects which may impact AOS
  • Proactively testing the service, open source dependencies and supporting internal infrastructure
  • Source code auditing of AOS, its dependencies and supporting internal infrastructure
  • Establish longer-lived testing environments to facilitate proactive security testing by the teams
  • Set up a Weekly Security Meeting with core stake holders and executive sponsors to surface security issues

BASIC QUALIFICATIONS

  • A Bachelor’s degree in Computer Science, Cybersecurity or equivalent professional experience can be used in lieu of a degree.
  • Minimum of 5 years of experience in source code auditing, bug hunting or CTF experience.
  • Minimum of 5 years of experience with manually auditing Java source code
  • Minimum of 5 years of experience scripting in Python or other equivalent interpreted languages.
  • Minimum of 5 years of professional experience with security engineering practices such as in web application security, network security, authentication and authorization protocols, cryptography, automation and other software security disciplines.
  • Meets Amazon’s leadership principles requirements and functional technical depth and complexity requirements for this role

PREFERRED QUALIFICATIONS

  • Experience with OpenSearch or similar products
  • Experience with AWS technologies and services (e.g. S3, Lambda, EC2, KMS, IAM, etc.)
  • Experience with bug hunting, bug bounties, capture the flag, software development
  • Experience with multiple programming languages
  • Exceeds Amazon’s leadership principles requirements for this role
  • Exceeds Amazon’s functional/technical depth and complexity for this role

Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit https://www.amazon.jobs/en/disability/us.

To apply for the job click here

Sr. Security Engineer, OpenSearch Security

To apply for the job click here

Contact us

Amazon

Our mission: To be Earth's most customer-centric company.

Related Jobs