Security Engineer I, Vulnerability Management and Remediation Operations

Social network you want to login/join with:

Client:

Amazon UK Services Ltd.

Location:

London, United Kingdom

Job Category:

-

EU work permit required:

Yes

493dfa3f1a8f

4

05.05.2025

19.06.2025

Embark on a mission to fortify Amazon's defenses as a Security Engineer with the Vulnerability Management & Remediation Operations team.

Amazon Security is seeking an experienced and innovative Security Engineer to join our Vulnerability Management and Remediation Operations (VMRO) team in London, UK. The VMRO team is responsible for discovering, assessing, triaging, detecting, and driving the remediation of vulnerabilities across the Amazon ecosystem.

• Review and analyze common vulnerability disclosures and assist in evaluating potential impacts.
• Understand technical details of vulnerabilities affecting Amazon's infrastructure, services, and applications.
• Help triage vulnerabilities and contribute to impact assessments and detection logic assessments.
• Collaborate with builder teams to implement security fixes and improvements.
• Implement and maintain vulnerability detection mechanisms using established frameworks and tooling.
• Contribute to the development of automation tools and workflows to support team operations.
• Contribute to detection development for hosts and containers.
• Participate in an on-call rotation to support continuous monitoring and remediation of vulnerabilities.

• Bachelor's degree in Computer Science, Computer Engineering, Software Engineering, Cybersecurity, or related technical field, or 2+ years of equivalent technical experience.
• Experience programming in Python, Ruby, Go, Swift, Java, .Net, C++, or similar object-oriented languages.
• 3+ years of security engineering experience in vulnerability management or vulnerability signature detection development.
• 2+ years of security engineering experience in system, network, and/or application security.

• Experience with AWS products and services (e.g., EC2, S3, IAM).
• Knowledge of common vulnerability scanning tools (e.g., Nessus, Qualys).
• Experience with threat modeling concepts, network security fundamentals, and familiarity with security frameworks (e.g., OWASP Top 10, CIS).
• Security certifications (e.g., Security+, SSCP, CEH).