Overview
Security Engineer II in the Vulnerability Management & Remediation Operations (VMRO) team in London, UK. The VMRO team is responsible for discovering, assessing, triaging, detecting, and driving the remediation of vulnerabilities across the Amazon ecosystem.Responsibilities include analysing public and private vulnerability disclosures and exploit code, understanding technical details and potential impact, and supporting remediation efforts with builder teams.
Responsibilities
- Analyse public and private vulnerability disclosures and exploit code.
- Deeply understand and assess the technical details and potential impact of vulnerabilities across Amazon’s infrastructure, services, and applications.
- Investigate and triage vulnerabilities, identifying severity and scope of potential impact to Amazon.
- Support response and remediation efforts, assisting builder teams to fix security issues in a timely manner.
- Engineer high quality, scalable, and accurate vulnerability detection mechanisms.
- Design and implement automation, tools and workflows to enhance operations capabilities.
- Be part of a global team and participate in periodic on-call responsibilities to ensure continuous monitoring and remediation of vulnerabilities.
Qualifications
- Bachelor’s degree in computer science or equivalent.
- Knowledge of networking protocols such as HTTP, DNS and TCP/IP.
- Experience programming in Python, Ruby, Go, Swift, Java, .Net, C++ or similar object oriented language.
- 5 years security engineering experience in system, network, and/or application security.
- 5 years experience developing vulnerability assessment tests with Python or Java.
- 5 years experience improving accuracy of vulnerability detection mechanisms across a diverse technical ecosystem.
- 3 years experience troubleshooting networking, operating systems, applications, or cloud services.
- 3 years experience building cloud-based services, with experience using AWS products and services.
- Experience with combination of threat modeling, secure coding, identity management and authentication, software development, cryptography, system administration and network security.
- Experience with AWS services.
Additional information
We are an equal opportunities employer. We value diverse experiences and encourage applicants who may not meet all preferred qualifications to apply. We also respect privacy and provide information in our Privacy Notice for how we collect, use, and transfer candidate data.
#J-18808-Ljbffr…
